This is not going to be published on Halloween, but it is Halloween that I'm recording it.
So in the spirit of telling scary stories, I thought about what would be a good topic for tonight.
I think I can apply the context appropriately. So you'll either find this to be a scary story, because hearing anyone talk about computer science and cyber security, info sec, just that notion of having to hear someone geek out on those topics is scary enough, and therefore it qualifies as a scary story for Halloween.
Or if you're not afraid of the topics and you actually enjoy the topics, then the scary part is the actual subjects within this genre of conversation, which is the actual scary things that happen when your cyber security is done incorrectly or when complacency sets in.
From a permaculture perspective, what's the output of the system of design that you want to achieve?
You have to engineer and design a system that's going to produce a desired effect, a set of effects.
So what I'm trying to achieve is a lifestyle where only what's on my person is what I'm what I'm gonna fight to defend in the world, anywhere in the world, under any circumstance, if at all possible, in the sense that, obviously, if you try to steal my land that's a different context. That's a legal battle, or it could be kinetic warfare, if you will, to try to steal my land or to end my life so that you could take over my land in some way, shape or form.
But the point being, yes, that's something that I that is beyond the scope of what I carry in my pockets and what I can make jewelry out of that.
If I were to have it threatened, I would fight for it.
I wouldn't wanna just walk away from it. But other than that, the main thing is, if someone was gonna carjack me, am I comfortable to walk away from that physical object under those circumstances?
Or am I gonna think that, oh, I've got a risk taking a bullet for something precious to me, some physical object that I have stored in the vehicle or the vehicle itself, for whatever reason, financial or sentimental, or is my livelihood it's worth.
If you steal my work truck, then I will have no livelihood.
Therefore, I may as well fight for it as if it is part of my life, because it is my livelihood.
There's that consideration and that is true for me in a lot of ways.
I live in my truck, I'm a trucksteader even on my, land, I’m still living in my truck and I would not want to have it be taken from me by legal or unlawful means.
I would hope to not have to take a bullet for it.
But I wanna have a life where if someone puts a gun in my face and says, I'm taking this from you, that if it's a vehicle or even a backpack, that unless they are really gonna strip search me and take everything out of my pockets, or even that I make jewelry out of...
I make a very secure necklace, unless they go to that extent they could even strip me of my clothes or have me empty my pockets or whatever and they probably won't ask to know what is the contents of a tiny, waterproof match container where I keep my encrypted micro sd drives.
We're gonna get to that strategy.
That's a bit of foreshadowing to say that right there. But basically, the physical objects I'm willing to have to fight and die for if I have to...
It's my own arteries, my own veins, my own vital organs, the things that you could stab me in or targets that you could shoot a bullet through.
At that layer of self-defense, that's where I keep my encrypted data, that means that anything beyond that layer, which is very unlikely to be attacked at that level, but it's far more likely that I that I lose something if a vehicle gets stolen. Or vehicle gets crashed or I leave a backpack somewhere.
So just the lifestyle I wanna have is being unattached to things that aren't attached to me, if it's not very tightly securely, attached to my person in the form of jewelry.
I'm not gonna get a surgical implant of a micro sd card.
You probably could do that. Probably some places in the world.
It's probably possible to do something like that, a sci fi theme of embedding data in wetware of some kind that's probably not far off with everything that's happening.
But at this point, if I can have a micro sd drive that I make into a waterproof and secure form of jewelry then that satisfies for me that protocol I wanna have which is if it can get lost or stolen and my life can be threatened in any of those scenarios then I wanna be able to walk away from whatever it is.
So what this is all about, what I'm calling the burnerization of a laptop.
Because, whereas before, I went through a process that I'm gonna document in this episode, if you came up to me and said, I'm gonna steal your laptop, or if it got seized, or if I left it somewhere, it would be an issue for me.
I would want to cling to that. It would be a part of me. The same as a mobile device.
I don't wanna lose or have my mobile device seized or be lost or be stolen.
And I act accordingly with what, I try to keep it and talk about burnerization, I delete all my emails. I get to inbox zero for the most part, I delete my messages, not because I'm obstructing justice, because there's an investigation that I'm aware of happening of any kind whatsoever.
No, it's just good practice. If you do that as a good practice, then you'll never be in a situation where they say you pro-actively started destroying evidence of criminality or suspected criminality out of character with your normal routine of how you are treating things.
If you have that habit already, then it's not out of your normal habit.
It's not out of the ordinary for you to start doing that if you were afraid.
It's just no, everything is scheduled for deletion and everything is cycled out.
So that's just the best practice. And there's no law that says you have to maintain all of your text messages for X number of years.
I'm not a bank. I'm not doing business under any entity that is scrutinized in that way with my personal devices.
So I have the freedom to habitually destroy communications and do things like shred files where you overwrite the files on the hard disk in certain ways so that it's basically just noise.
At that point, it can't be resurrected from a file, because in most file systems you delete it, and even if you empty the trash bin on the desktop, the file still exists and occupies space as it is on the hard drive, somewhere, wherever it's living.
By putting it in the trash bin, you're just giving a direction that says, this file space can now be overwritten.
But unless you overwrite it pro-actively and there’s software to do that, then you have to assume that every file you delete until it is overwritten...
And sometimes people would say, it has to be overwritten numerous times for there to be no trace of it left.
Obviously, that depends a lot on the hardware, and I'm not an expert in the permutations of different storage devices.
Some apparently don't need to have a million over writes in order to have confidence that the file can't be recovered.
There's lots of different permutations of the hardware and lots of different cyber security folk lore around what you have to do.
That's just one example of having a lifestyle where I don't wanna have excessive bread crumbs, and I don't wanna be worried about, oh, what happens if you take your laptop in for repair and then, boom, something private becomes public, whatever that might be. And for me, I wouldn't consider anything that I'm doing to be violations of law, it's more just that I have a private life or other people's likenesses are part of that private life, and I owe it to them to have good encryption and to not make my private digital life be something that becomes a public affair.
So that's scary enough. As far as a Halloween topic, how would you like your device, whatever it is to be stolen? And for the contents of it, whatever is on there, it doesn't need to be criminal, it just needs to be personal.
It just needs to be private, something that you chose not to display publicly to the world, and that you would rather not be displayed publicly to the world.
That's scary enough. Again, doesn't have to be illegal. And for me, I'm not protecting anything that I consider to be a violation of the law.
So no matter what you're doing, it could be very highly sensitive journalism, that's another good example of something not too controversial to talk about.
If you're doing journalism and you've got contact information for your sources that you need to keep private for their safety and for your safety and security doing the work you're doing, then you need to have an awareness of good encryption, and you need to do things like have good practices about how you delete files, how you store communications.
All those are considerations that are now more and more reasonable for even lay people to have some awareness of.
So getting back to this idea of being less attached, to designing a lifestyle, say, with my primary mobile device.
I wouldn't say I've gone through the process of total burnerization of it. I would be sad to lose it because it would take me a long time to reestablish another device just from all the cyber security stuff going on. I feel confident that if I lost it or it was seized or misplaced, stolen, whatever...
As long as it was locked or off when it left my possession, I would feel reasonably confident that, even if it was cracked, I'm not that concerned about what could possibly happen.
Obviously, there's things like password managers that are recommended to be used and there's extra layers of security I put on things like that. But if you hack my email, you're not gonna find anything interesting there, I keep it pretty much gutted for the most part I could rebuild it so that's something I don't lose a lot of sleep over.
I'm just trying to have less things that I could be neurotic about in my digital life, so I could survive emotionally, financially, whatever I could survive losing my mobile device for whatever reason my main mobile device.
Because I use a laptop for most of my computing, and I have all my configurations, software settings and whatnot, I would be very attached to it.
I would think, no, I can't let someone take this from me at gun point. I have to risk death fighting for it because of this effort I put into configuration of the desktop environment. I don't wanna do that again. I don't wanna think about that again. So now I have this appendage that I have to fight for as if it's one of my vital organs and that I don't like.
This is a tactical show. We're talking about what are you fighting for?
When are you gonna be fighting for it? If I'm gonna be in places in the world, or having a lifestyle where I'm not always in a sheltered situation...
If I'm traveling or the work that I do, if I leave a laptop in a vehicle, I'm gonna be very nervous, I'm not gonna have a good time wherever I leave it if I'm highly attached to the configurations of that laptop.
So if I can burnerize that laptop in the sense that as long as the encryption is good, and I'm aware of the extent possible of not having key loggers on my keyboard, or segmenting and isolating offline and online activities to at least, create some distinction from where there could be leakage through vulnerabilities in apps and whatnot.
That's probably the Achilles heel that we all are whistling past the graveyard on. Something called root kits, which I won't get into, but are very, very terrifying to know about.
Equally terrifying is just the ever looming threat of key loggers, which would get your encryption passwords.
Until there’s some kind of telepathic way to unlock or input a password into a system, then you're always going to be at the mercy of key loggers.
I'm gonna get to where even that issue can start to be resolved at various levels.
But, for now, it's about taking a laptop and having it be more like my mobile device in the sense that I would not be thrilled to lose it. But there need be nothing on there where I'm worried...
And again, it's not something illegal. It's like, okay, the authentication material for me to get into this server that's serving a file, the authentication material is living on that laptop, then if anybody gets in that laptop and it's not encrypted properly...
Or it doesn't have strong encryption, or they're able to crack it, then if what's used to get in my server is on that laptop, then I would have to fight for it.
But if I can run a laptop and use a laptop for all the good things that it has, a nice screen, has a nice keyboard. I can do a lot of work on it. But is there a way possibly for me to run my digital life on that laptop where there's nothing sensitive that remains on it?
There's nothing that I would have to fight for, that I would care to fight or risk my life to defend it.
I can let it go. I can let it be stolen. I can let it be lost. I can let the hard drive crash and die, etc.
It's part of my attack surface that I'm no longer putting my life in front of.
I'm not gonna take a bullet for a laptop anymore.
But I could have taken a bullet just by being stubborn about handing it over if someone put a gun on my face and said, give me everything, give me your backpack.
Or give me your laptop bag, any hesitation could get you killed in that moment.
So I would like to be able to say, as a matter of fact, I was already reaching to hand it to you because I did a process that I would call burnerization and there's nothing on there that if you were able to crack the encryption, then I would care to lose or have you have access to because I already configured it so that's not where I store the files that I care about the most.
And I'm not gonna tell you where I store the files I care about the most because I don't think it's worth your time to fight me for them.
I don't think you'll even think to ask me for it.
You're not gonna say, hey, can I open up all the compartments in your jewelry to make sure…
If they were crypto savvy and they were gonna do crypto jacking of some kind, they would they if they knew who I was, if they were spear-fishing me, or they were targeting me directly, then they might say, we know who you are. We know you probably have key material on your person on encrypted micro sd drives, and we're gonna target you in that way.
So that's a risk that anybody who talks about this stuff always has.
So I guess if that's you and you wanna come out me, bro, then, we'll see what happens.
I roll deep these days, so you better bring some homies cause, I got my homeies too.
But other than that, the odds of me having to fight for my jewelry, believe me, it's not like gold. When I say jewelry, I mean paracord necklaces. I don't mean gold chains.
Oh, man, I should rephrase that. I don't wanna get your hopes up like, I'll take this guys jewelry. Come on. I take jewelry every day. No, it's not jewelry. Don't let me confuse you with that terminology.
I mean accessories, clothing, accessories, if you will, a necklace made out of paracord that's hanging a waterproof match container that I keep my encrypted drives in, so if that’s something that interests you and you're not taking it as a tip you're taking it as a target, then I guess you know what to come at me for if you're gonna come at me.
But again, you'll have to get through my homies.
So with that said, now let's get into the mechanics.
That's all the why. Now let's get into the how. To recap the why, I want to be able to make a clean break and walk away from any physical object that's not tightly secured on my person.
I don't wanna worry about where it's stored or if it's in my vehicle or not, or if it's visible in a vehicle or not.
I just wanna not have that concern. And it's not necessary because of how much file storage you can get on a micro sd drive, and you can copy them, basically make backups of them so you don't have to worry that, oh, if one of them fails, you lose everything.
So to me, that is the goal. That's the Holy Grail.
If I can scale down my secret files to just what I can fit in that waterproof match container the size of my pinky hanging on necklace.
That means I can go anywhere in the world, and I don't have to be losing sleep over where's my laptop.
Obviously, I wanna secure it to the best of best my ability, in terms of the file and disk encryption, and then it's being physically secure.
But again, I wanna be able to walk away from it.
So that was why I want to be able to sleep at night.
I wanna be able to leave it in a vehicle. I wanna not care that it could be stolen, breached, lost, hard drive crash, whatever.
Just let that be a burner laptop. That means that if I can run my digital life from a micro sd card, then that laptop is replaceable.
I could use any laptop. And now we get into the how, how could you possibly do that?
How can you have all of your settings for your operating system? And how can you even have an operating system?
Now, this is where it gets to the fun part of the lifestyle change, the digital lifestyle change of going from an operating system that runs off of your local hard disk which obviously it's gonna be faster to do it that way, not necessarily noticeably faster, but that's what we all sort of assume.
Okay, you buy a laptop, and most people would assume you buy a laptop, you have a proprietary, closed source operating system that's bundled with it, and you have a license to that.
And of course, if you're interested in cyber security, then you probably know, unless you're using Linux, and even to some degree, you're giving up some data, some private data, to be running Linux and connecting to the Internet, whatever the distribution is.
But there's a continuum. So you go from the unsophisticated, unsavvy, cyber security, naive consumer who just buys a laptop and runs whatever is already on there, trusting it implicitly, that's where most people are victimized, at that level.
And then if you wanna get a little bit more sophisticated, you might evolve into using any number of Linux distributions that are well supported, and that will basically run like a permanent on-disk operating system.
That's what I have been doing for years. And I recently decided that it was time to shift and go to an even more advanced level, which is to be running what you would call a live booting, external device, booting from either a DVD or a so called optical drive, or a USB, or even a micro sd, but basically having a detachable, portable operating system that loads its files into the memory and doesn't leave a trace and doesn't write files to the hard drive.
So literally, it is an operating system that is a hundred percent portable, and there's various ways to do that, but the one that is the most designed for security conscious people is called TAILS.
Amnesic Incognito Live System is what that acronym stands for.
It's worth understanding the history and the context of it, but essentially it is a highly private and secure by design daily driver for using the tor network.
Basically if you wanna have private and secure encrypted access to the internet then a VPN is one solution and tor is another solution. Sometimes people would argue there's ways to have them work together. Some people say, don't bother with that. But that’s another conversation.
Now, I'm just gonna say that I have been using TAILS operating system for almost half of my operations on a laptop for many years now, since I've got into Linux, I've had basically a hybrid of running the dedicated desktop environment Linux distribution that would be pretty much what I would connect to the Internet through.
And then I would be using TAILS for just working with files offline that I didn't wanna ever have any commingling with an Internet connection, private and secure data that doesn't need to be running in the same environment that has an Internet connection.
And, of course, TAILS is meant to have a tor based Internet connection. But for the most part, I was not using it. I was using the functionality of the of the TAILS operating system, not to get on tor and use the Internet through tor. I was happy to use a VPN on my main desktop environment.
I was using TAILS mainly for the purpose of running and accessing external hard drives that were encrypted. I don't wanna type in…obviously, this is again whistling past the graveyard with the sophistication of key loggers, but some segmentation is better than none.
So the idea for me is that if I have an encrypted external drive on whatever medium, an encrypted portable device, do I want to type in the decryption password for that device in a hot environment, meaning that it has a connection to the Internet?
I would rather not do that. I would rather access and enter the authentication for that device in a cold or offline environment, in the best of all worlds, that would be a completely dedicated, isolated machine, a separate laptop that never contacts the Internet whatsoever.
But if you can do what's basically considered dual boot, which is what I have been doing for many years, then the idea is that, okay, my online activities, the files that I'm willing to have be hoovered up by anybody who can reach into my computer through the Internet...
I'm only gonna let files I'm willing to lose in that manner be live and connected to the Internet at any time. Files that I would much rather not be hoovered up through a live Internet connection, I'm only gonna access those files in a booted environment that I'm not connecting to the Internet.
It's sub optimal, the optimal thing is to have two separate devices, one that connects to the Internet and one that never connects the Internet and you do your offline cold air gapped file operations in a computer on a device that never connects the Internet ever again.
In the absence of that luxury or the convenience trade off of saying, okay, well, I'm gonna just use one device, but I'm gonna have an operating system that is live and connected to the Internet, and those low risk files I'm gonna allow to be open and decrypted in that environment.
And then the sort of cold files, or the offline files, it's not a perfect air gap, but at least it's an operating system air gap.
You would get the same effect by using what's called a virtual machine which I've used as well.
So there are multiple layers.
I would be running a permanent operating system with virtual machines operating within that host.
Alternatively, I would then boot separately not technically a dual boot but booting separately from a live disk or from a usb drive, this TAILS operating system which doesn't write any files to the hard drive so whatever you type, whatever file operations you do, the record of that, the memories of that, they only live in that temporary use of the memory, and then proof it disappears when you shut it down, or you pull out the drive or whatever.
I'm giving that narration because I was still relying on the crutches. I was still weaning off that daily driver dedicated hard drive operating system, which I would be attached to, and wanna wanna fight for.
It's necessary to leave key material to log into a server. So there's just a lot at risk having that. And it took me a while til recently, to say, okay, I'm gonna give up on that a hundred percent.
I'm gonna walk away from it, even though it's convenient and I'm attached to it.
I'm gonna go 100 % using the TAILS operating system, which means, there are very few persistent is the word, configurations that you're allowed to have using that when you boot up this live operating system.
If you want to change the background, you have to change the background every time, there are ways to write scripts to do that for you.
So eventually I'll get to that point where a lot of the configurations that I will wanna have, I would just be able to then press a button and get it all to load the way I want it to.
There are some built-in features for that as well, which is great.
But, I mean, I'm a raving fan. I really enjoy this.
Now I realize the most responsible and most intelligent thing I can do if I wanna be free from the fear of what could happen if my laptop gets messed with by anyone, I don't have to worry about that if I'm using TAILS, and I can not worry about the laptop being seized, stolen, hacked, whatever.
So moving to this 100 % TAILS lifestyle, where it gets very interesting, is that I can run the same applications. I have to spend a little bit more time on startup to kind of reset the configurations, which, again, I can do with a script.
I have already started doing that. So it's still worth it, no matter what. It's worth it to me to spend a few extra minutes at startup to configure the apps I need to configure, because rather than having all of everything be living on a laptop hard drive, everything lives on a micro sd card that I can run on any computer anywhere.
So now, again, not only am I freed from worrying about what happens to my laptop, I'm freed in the sense that I can plug this micro sd card into pretty much any modern computer and have it automatically detect the hardware and load the drivers that needs to load in order to boot up on almost any machine within reason and give me my private temporary experience where I can access my files, I can run and load the software I wanna run, and there's no checkpoints with any of it.
I can do it completely cold and offline, or I can fire up the tor connection, and I can be connected to the Internet and doing what matters most.
Where this gets really interesting is in the procedure to connect to the server that I run to host this show.
So I'm gonna speak about this, try and make it as much of a story telling experience to where you didn't have to have prior knowledge of any of these technical details and its technical language, but to appreciate the journey I'm trying to make this as cinematic as possible.
Try to dramatize it, if I can. But the idea is, if you're using what's called SSH to log into a remote server let's just say if I wanna, publish an episode of this show, I wanna log into my server, not through a fancy front end, which is highly hackable and just too much going on, a lot of attack service. I wanna eliminate all that.
So I eliminate the graphical user interface. I eliminate that shared hosting environment sort of panel that is provided, or that you can license in order to have all these buttons and all these widgets and whatnot, all these wizards so you don't have to do things from the command line, is what it's called.
But I've learned enough to appreciate the command line. Appreciate writing in simple commands, typing everything out with no buttons and no icons and no drag and drop, none of that fun stuff, no graphical user interface, pure commands.
Just do this. Don't do that. Go here, go there. Everything is typed in.
I've gotten into that habit, and it is to me, a blessing because I know now more than I ever did or ever wanted to know how much vulnerability is added with every layer of abstraction from the command line. So if I'm running my server through what's called a shell. I'm connecting using SSH, which is a protocol for me to communicate with that remote server, to log into it and then communicate and give it directions.
Then how do I, over the tor network? How do I using the TAILS operating system...what's the strategy for maximizing the safety and security? Because, to be honest, still putting all my trust and faith in the integrity of the TAILS version that I downloaded, and it's security patching, and it's being up to date, and the checksum file integrity of the ISO file.
I'm getting into too many technical terms, but you download a file, how do you know that that file was not messed with in transit and that it wasn't tampered with and doctored as you're downloading it?
It's possible for malicious actors to intercept a request and insert or remove things and create malicious back doors, whatever anything, they can do anything.
So there is a way using a hash function to get the the file signature, basically to have a hundred percent certainty or near a hundred percent certainty that there's just no chance in the known universe that the cryptographic fingerprint or signature of that file you downloaded...
As long as you trust where the checksums are listed, if you trust that, and it's worth double checking that from different networks and different devices, so that you have more than one way to validate that those checksums match.
But basically, that's the story, the lay person story.
I you're gonna download a file, you have no idea if you're downloading it from the right place, or what's happening to it as it's being downloaded.
And once you have it downloaded to your desktop, how would you, without some sort of digital signature? Or even, I like to say, like a DNA test. If the file is an exact copy of the file you expect to have, then doing a DNA test on it that's a proof that it hasn't changed, that it's the file you're expecting to get.
So essentially that would be the lay person story.
Do a DNA test on all your files to make sure it matches the DNA of the parent? That's even a better way to think of it. You're getting a copy of a file. You're gonna if you want to do a paternity test to make sure that file you downloaded matches the DNA genetically, it is actually a product of the server that you downloaded from.
There is a way to do that, it's a mathematical algorithm. It's called a hash function. And so you have to go through that process.
But I'm still trusting, even if that's done properly and correctly, and I trust that process, there's still always a chance that I'm running this operating system and I'm trusting connecting to the tor network. I'm trusting even being connected to Internet connected at all.
And so I'm putting a lot of faith that the SSH keys that I used to log in the server, which basically there's value in it being public key cryptography, and not just a simple user name and password, but really it's just a much longer password. It's a plain text, very long password, which means, if you have that file, if you have the private key file for that key pair that is the SSH keys, then basically you have my password and you can log into my server and you can take it over and turn into a zombie run malware site or just humiliate me or whatever.
So I have that concern. Running an SSH public private key pair authentication scheme for remote server is always a risk factor. It can be theoretically more difficult to obtain that private key, but really it's just a file with the long plain text password. So anybody who could reach in your system for any reason, through any vulnerability that you're unaware of, they can grab that tiny file, and then they can log into your server and impersonate you and take over everything.
So there is another factor, and, yes, no pun intended, a second factor that can be used which is a hardware security device.
The thing that is most timely for me is getting the TAILS operating System to work so that I'm able to take advantage of the support that it currently has, built in native support for using a hardware security device in harmony and conjunction with the SSH public private key pair, that there is a crypto dance that takes place.
That allows me to not only log into my server with the with the SSH private key, that private key also interacts with the hardware security device.
This is something on my person, that I can fight and die and take a bullet for, another small piece of jewelry hanging from my person.
You can no longer break into my server with just having stolen the private key that used to live on my laptop and now lives on an encrypted device on my necklace. But you would have to have both the hardware device that is somewhere else on my person and crack the encryption on the micro sd card, and then steal the private key that's on that, and then match that with the hardware device.
Then basically you have cloned me. You've killed me. You've knocked me unconscious. You've seduced me with the honey trap or whatever you've done.
You've got me separated from my physical keys and my digital keys, and now you can get into my server.
But unless you do that, you can't just steal my laptop and get in my server.
You can't access the files on my laptop by hacking me through the Internet.
If you do, you only have one factor to get into my server, which is that private key file.
That private key file no longer lives in my laptop. So if you take the laptop while it's not connected to the Internet, you have nothing to get in the server with.
You have zero factors to get in. If you hack into my laptop while I'm online through the Internet, and you're able to extract that private key file from the Internet, then you have one of the factors.
But you can't reach through the Internet, the live Internet, and grab my hardware security physical device, my physical key that you cannot do yet, that you would have to fight me for.
And once again, that completes the circle of this whole horror story, this whole scary story for Halloween, the things that I have to fight for, the things that if I have to fight for my life and fight for my digital life, that fight is gonna be down to the bone.
It's not gonna be over my laptop. It's not gonna be over some appendage that I can't secure, attached to me, attached to my body.
I'm not gonna have my laptop be surgically attached to my body. I'm gonna be willing to let it go. And so this is, to me, a very important step towards liberation as a fighter, someone who is gonna go places, high risk places, and is always at risk.
We're all at risk of being mugged wherever we are, even in the suburbs. If you're in the suburbs or even in a rich neighborhood...I've been all over the place, all kinds of different rich neighborhoods, poor neighborhoods, whatever, working for clients that are rich, living in the hood, whatever it is that I've done it all.
I never like to feel like I can't enjoy my life, because I gotta worry that the keys to the kingdom are in a laptop, in a trunk or something like that.
So this is the first time ever in my digital life where a laptop truly is interchangeable.
This is a laptop. There are many others like it, but this one is mine.
It's more like this is a laptop. There are many others like it and any of them could be mine.
It doesn't matter, because all it is doing, all a laptop is now is a screen and a keyboard.
I don't even need to have anything on a hard drive at all.
In fact, there's no reason for me to have anything, any files on the hard drive whatsoever.
I'm using that space just as backups that are encrypted, so it's just an extra backup.
But I wanna get to a point, and I will get to a point where I don't even have that on there.
So I really have nothing to lose, and nothing to be concerned about.
All I'm using it for is the memory and the screen and the keyboard and other than that, the operating system leaves no trace, and it runs from a micro sd card, that card is encrypted.
It's got the private keys for the server, but they're useless without the hardware security device, which is also on my person at all times.
Therefore, if you wanna come at me, you have to fight me to the bone, really, to get that material.
And I don't think I'm that much of a target, although anybody who touches crypto, even if it's not worth as much now as it was before, or whatever, you have to be thinking about and be prepared for not just being phished for your crypto exchange login information, but there are people who know where you live.
Because maybe you bought something and you put your actual physical address to have something shipped to you. There are a lot of people in the industry who've done that, and they know what it's like.
Some of them get selected, and the criminals come and they target you, they will turn you upside down, shake you upside down for all of your all of your hardware keys and all of your usbs and everything, because it's worth it to them to attack you for that.
Again, my threat model, and my security model is you're gonna have to wait to capture me alone and that's gonna be harder and harder to do, because I'm rolling thicker and thicker these days, so you're gonna have to come at me and be ready for a team sport, because it's gonna be like that.
But that's a good security posture for me to have, because for three years, I was alone in the desert and if you wanted to take all my money, you could find me in the desert and do a $5 wrench attack and and have me fighting for my hardware device and my private keys and whatever else.
But that is the horror story I never wanna have to tell. I don't wanna have to tell a story of I was attacked.
They got my laptop, they got my vehicle, they got my money, they got my wallet, they got everything in my pockets.
But they didn't think to ask, what was embedded in a paracord necklace with a little container on it.
They weren't crypto savvy and they didn't bother. They figured I could maybe fit a few dimes in there, but they didn't think it would be a wad of dollars. They overlooked that, and that's what I'm hoping for. So not being low hanging fruit, not being an easy target.
Again if you’re a sophisticated attacker who's aware of the value of crypto, and you know that, hey, even if it was what they call a brain wallet, even if I was so paranoid that I memorized my private keys and there was no other way other than to torture me, that happens. And people will be tortured for their secrets.
No joke. My net worth in crypto is really not that much so probably isn't worth your time. Definitely isn't worth the time that you would get in prison for assaulting me in that way. You're gonna have to wait for me to be far more successful for it to be worth your potential prison time, or even your time out of your life to bother with me at this point.
So I think I'm doing pretty good balancing all things, everything in perspective, and all things considered.
To me, this is a major accomplishment to ditch the hard drive based operating system and go 100 % TAILS.
And a major accomplishment to do that in a highly confident manner, using the hardware security device as a second factor for remote server authentication.
So if you're not scared to death from hearing all this, then happy Halloween.
And hopefully you have some ideas of things you might implement in your digital life.
And hopefully we're never in a street fight to defend our digital life or fighting each other.