Greetings, dear readers! I made the decision to write a rather unusual article in which I want to step away from the conventional wisdom and discuss various tools and gadgets for OpSec, but with a preference for their practical use and usability.
Art by: Regul Lion
As a digital nomad, it’s essential to put strong security measures in place to protect your cryptocurrency holdings and private data. This article aims to discuss the significance of security and offers helpful advice and suggested gadgets for cryptocurrency-owning digital nomads.
A brief disclaimer: This article was originally split into two (1, 2) distinct older articles. However, because of recent tragic world events (multiple active conflicts at once), I decided it would be appropriate to update them, which I did. I do hope you like it!
For daily tasks and financial transactions, an average digital nomad heavily relies on digital tools and platforms. However, doing so also exposes people to a number of risks, including phishing scams, theft, and hacking attempts. Private keys can be compromised, funds can be lost, and online identities could be in danger due to security flaws.
The problem is that I don’t have the moral authority to advise someone like an OSINT researcher what I would advise a Web3 or crypto community participant. In other words, I won’t just give advice for Internet survivalists in this article; I’ll give it to everyone.
The fact is that everyone’s needs for OpSec are different and, as follows from one of the golden rules, it all depends on who you expect the danger to come from and their capabilities. Here our story should turn to the science of Security Awareness, but I’ve described it in detail in my previous articles, so we will focus on the solutions the average reader can implement.
As a digital nomad and cryptocurrency owner, it’s essential to recognize the specific risks associated with traveling while managing digital assets. Here are a few prevalent risks:
Public Wi-Fi Vulnerabilities: Digital nomads frequently rely on public Wi-Fi networks, which are often unsecured. These networks can be exploited by hackers aiming to steal sensitive information and compromise cryptocurrency wallets;
Malicious Software and Phishing Attacks: While traveling, digital nomads may encounter a variety of phishing attempts and malware that can compromise their digital security and potentially steal their cryptocurrencies;
Physical Attacks: No comments here.
At this point, I will divide my narrative into several parts, the first of which will cover the most important and simplest things, before moving on to more complex and specific ones. In thinking about how to divide up the article, I settled on the financial aspect.
So, in Part I I will tell you what everyone can do right now, free and fast, and in Part II I will show you how you can improve your security if you can afford to invest in it up front. If you already know everything and want to find something new, go straight to Part III, in which I have collected my work and interesting references — they certainly will not leave you indifferent! Let’s get started!
Surprisingly, few people know that anyone can effectively defend against sim swapping. It works both in the US and worldwide on almost all mobile operators. To lock down your SIM, contact your mobile phone carrier. Ask them to NEVER make changes to your phone number/SIM unless you physically show up to a specific store with at least two forms of identification.
Check out the following guide; it contains a few useful, less-obvious advice pieces that I won’t mention here:
That is a standard that has been tested by telecommunications operators in the United States, the United Kingdom, Poland, and China. You just need to insist on it or visit the head office, and I’m sure that the support manager on the phone mayn’t know about it.
Choose a reliable E-sim! For example:
This (should) prevent hackers from calling up AT&T, T-Mobile, or Vodafone, claiming to be you, and asking them to port your phone number to a new phone. You can also ask them to never swap your sims without you revealing a specific secret to them. Naturally, it still comes down to the protocol rigidity of the person taking the hacker’s call, but it’s nice to do what you can.
Many of us travel by airplane, and many of us have to deal with carrying luggage. That’s a pretty serious threat to your OpSec unless, of course, your iPad, computer, or phone has potentially valuable information on it. And if you don’t fly, you probably travel from point A to point B in some other way — by car, train, and so on. I’ll leave it here, just in case, as it’s important to everyone. Wills. Just in case your trip is going to be extremely dangerous:
A secure cryptocurrency wallet is an indispensable tool for every digital nomad. It is essential to choose a reputable and well-established wallet service that offers features like two-factor authentication (2FA), multi-signature authorization, and cold storage.
Hardware wallets provide an extra layer of protection by keeping private keys offline and away from potential online threats. These devices are portable and easy to use, allowing digital nomads to carry their cryptocurrency assets securely wherever they go.
Strictly speaking, OpSec rules do not prohibit the use of special devices that do not look suspicious, such as a Nintendo Switch, old-fashioned PSP 1000/2000/3000, or even a disassembled Raspberry PI!
If you are in possession of rare confidential information, you can use one of the safest methods of conspiracy. For example, you can transfer your passwords to a draft letter (better — two letters) on Tutanota or Protonmail and use a complex password to log into your mail, or use a physical key like Yubikey or Nitrokey.
Even if these services, at the request of the authorities, hand over your IP and browser information, which, by the way, can be hidden by Tor or anti-detection systems, the content of emails will definitely not be read by anyone.
That said, it’s important to have a physical copy as well, but here you can argue with me. It creates, in essence, the very “point of failure” of our security system. But there is a solution to this problem, and its name is steganography.
A lot has been said and written about this topic, so I will be brief in this section and hope that you can find information on this subject yourself. I advise you to pay attention to my recent articles, as well as projects such as AnonPlanet.
Explore the following guide, there are a couple good non-obvious tips collected there that we won’t mention today:
Operational security professionals work to figure out where their information can be breached. That said, it doesn’t really matter what industry you’re in. If you have any sensitive or proprietary information at all, then you could very well be a target. This is a good thing to always keep in mind!
Take this subreddit and this awesome old and trusted resource as the first step. In our dangerous world, anyone can become a target, especially in crypto or having to deal with private keys. It sounds scary, but it is possible. The main thing is to always think ahead. By the way, if you’re interested in tips for just such situations, check out my blog and scroll down to the bottom of my older articles!
That said, the protection of your device and the fact that they are known to be a serious threat to OpSec, no doubt, remains entirely on your conscience. You have to understand that the basic law of security tells us to first identify threats and only then build a security system, so you have to be sure in advance that your devices are in good order and not compromised. Last but not least, Partial-Air-Gap is your friend, so check out AirGap_it and similar solutions on market.
I would also like to start by saying that, in fact, there is no perfect solution to the problem of security, but mankind is trying to solve it, and in our time it has become available not only to the military or the very rich, but to ordinary people — that is, now you can go to the store, buy a few things, and use them to solve the problem of security in your individual case.
Let’s look at what solutions are on the market. I will focus only on devices for OpSec, and I will not mention a lot of existing hacking devices, toys, and backpacks if their purpose is not related to security.
The first thing is a collection of tools for manifesting strong pass-phrases while helping you release the toxins of your past security habits. Through a process of focused meditation, dice rolling, and memorization of mantras, you will cleanse your security.
As stated in the description:
Kit includes Word List, five red dice, custom brass ring, sealing wax, brass pen, matchbox, and handmade paper. Dice tower is built into the clam shell case, covered in Sierra bookcloth and foil stamped in gold. Word List is printed using digital offset and is a limp paper structure covered in handmade paper from The University of Iowa.
I do believe that this stylish device does its job well, but you have to learn how to use it quickly and confidently, even with its apparent simplicity. As said before, you have to be familiar with your own security system so it doesn’t take up your most valuable asset — your time.
Here we will look at several kits at once. The first is the Altoids survival kit — after getting acquainted with the kit, I can say that it is definitely useful for hiking, camping, or everyday carry; this pocket survival kit is a convenient and inexpensive way to provide survival essentials!
There is nothing to add here except that this is a more or less standard balanced survival kit — so let’s go straight to the more serious kits.
Next in our review would be a Digital Resistance Kit, which provides you with the tools for a true identity detox.
As stated in the description:
kit includes the Manual of Digital Resistance, wax sealed anonymous cash, bitcoin, prepaid gift cards, Starbucks cards, and a TAILS USB stick. A preconfigured anonymous tablet, a preconfigured anonymous smartphone, and a preconfigured anonymous flip phone w/ SIM cards are also included. Interesting that the manual was printed using digital offset and Johannot paper was used for the wax sealed packets. The housing is covered in black Euro Buckram and felt. Cover foil stamped in black.
I can definitely say that the author has quite an interesting vision! At the same time, I believe that there is a sense and an opportunity to collect exactly the same set yourself — the Authors have made a detailed instruction and posted it in the public domain, for which they no doubt get our full respect!
First of all, in this section, I would advise you to deal only with vendors you trust. I guess nobody doubts QubesOS is reliable, so use the list from their website, it will save your time when searching for a secure device among dozens of solutions on the market. Many of them do not even meet the minimum security requirements.
It is not important what you use — an iPad or a Laptop — the main thing is how you do it. I can recommend you to look at devices like Nitropad and Privacybeast because I am confident in their reliability, but the rest depends on you and your caution and awareness.
The first thing on our review is a mask which is actually used to silence the wearer’s voice for phone privacy in public areas. The best fact about it is that it looks like the one Bane wore in The Dark Knight Rises!
As stated in the description:
The odd looking device covers the wearer’s mouth and blocks the sound of their voice with “masking sounds” that can be selected and customized from the accompanying app.
I believe this stylish device does its job well, but despite its apparent simplicity, you must learn how to use it quickly and confidently. As said before, you have to be familiar with your own security system so it doesn’t take up your most valuable asset — your time.
The following device, by the way, like all in the known list did not live up to our days, but that does not mean that the technology is bad or that we can not replicate it at home in the form of DIY.
As stated in the description:
JackPair is an affordable tool that enables average citizens to protect themselves against wiretapping. It’s a pair of encryption devices you put in between your phone and headset, which are connected through standard 3.5mm audio jacks. You can secure your phone line by simply pushing the JackPair button, and your voice will be encrypted. There’s no password to remember, no software to install, no service to subscribe to, and it works with any phone through a standard audio jack.
I’m still skeptical about the system’s dependability — after all, it has a couple of possible critical flaws coming from the way it uses key-pairs — but these precautions may be sufficient if you’re not expecting a Big Hunt!
Little is known about this device, except that it is most likely a more primitive continuation of what we’ve seen before. It’s exciting to see technology advance, but I still wouldn’t recommend using something you didn’t make yourself in DIY format or buy from a reputable vendor with a long-standing, trustworthy reputation in such matters.
As stated in the description:
This handy device is placed over the mouth while the microphone slips into the side compartment — substantially blocking your voice while you talk!
As a bonus, suggest you taking a look at this awesome humanity invention! First time I spotted it when noticed a film showing that mr. Snowden entered his password this way, and he obviously wanted to mitigate visual surveillance, let it be by observation or (hidden) cameras.
It seems, mr. Snowden didn’t trust anything but his own laptop (if at all) during these first day(s) of contact with the journalists.
He also offered the blanket to the others in the room when they were entering their credentials into their laptops, but they refused, probably regarding this as being overcautious.
But you and I should always remember that who laughs last laughs well! Anyways, everyone can afford such an OpSec device!
Below, I would like to make a gallery of resources that you could explore in your spare time and increase your level of security. The idiom “Forewarned is forearmed” has never yet, in my memory, misfired.
I am not asking you to comply with all of this, but you must remember the main rule in this particular case:
As a digital nomad, owning cryptocurrency offers mobility, flexibility, and financial independence, but it also introduces significant security risks. By implementing the suggested measures and utilizing recommended devices, digital nomads can mitigate these risks and ensure the safety of their cryptocurrency holdings and personal information.
Keep in mind, being secure is not solely a one-time action but an ongoing effort to stay ahead of potential threats in an evolving digital landscape. Embrace the possibilities of the digital nomad life while remaining vigilant about security, and you can enjoy the benefits without compromising your cryptocurrency assets:
Invest in anti-theft backpacks or bags, like Pacsafe or XD Design Bobby, that have built-in security features like cut-proof materials, lockable zippers, and RFID-blocking pockets;
Also invest in a reputable virtual private network (VPN) to encrypt your internet traffic and protect yourself from potential Wi-Fi network vulnerabilities. This will prevent hackers from intercepting your data while working remotely or accessing cryptocurrency accounts;
Also, use only your own chargers and cables and, if necessary, buy them only in stores and make sure the packaging is intact!
Study the following guide, there are a couple of good non-obvious tips collected there that we didn’t mention today:
Yes, it seems like it is a veritable minefield over there. Keep the faith. Learn the latest attack techniques, white hat cheat sheets, and defenses. Only knowledge can defeat criminals’ knowledge. In this intellectual boxing match, the most prepared wins, and we want that to be you!
Support is very important to me, with it I can do what I love — educating users!
Art by: Regul Lion
If you want to support my work, please consider donating:
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR;