Don't be fooled ... Occupy The Web (OTW) tells us the hard truth about being anonymous online. The brutal truth: Will using your neigbors wifi keep you anonymous? Can you hide from the NSA? Can you hide from Google and other companies? Will Tor help you? Will Proxy Chains help? Which phone do you need to use - Android or iPhone or something else? Which operating system - Windows, macOS or Linux? What is the truth? What do you need to use? // Mr Robot Playlist // ruclips.net/p/PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RUclips: ruclips.net/user/davidbombal // Occupy The Web social // Twitter: twitter.com/three_cube // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw // Occupy The Web books // Linux Basics for Hackers: amzn.to/3JlAQXe Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh Top Hacking Books you need to read: ruclips.net/video/trPJaCGBbKU/видео.html // Other books // The Linux Command Line: amzn.to/3ihGP3j How Linux Works: amzn.to/3qeCHoY The Car Hacker’s Handbook by Craig Smith: amzn.to/3pBESSM Hacking Connected Cars by Alissa Knight: amzn.to/3dDUZN8 // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming up 00:51 - Don't use the nighbour's wifi 03:02 - OccupyTheWeb books 03:44 - How to remain anonymous on the internet // The NSA is watching 09:56 - Be careful of your browser 13:35 - Turn off cookies 15:41 - ProxyChains and Tor demo 22:10 - The FBI story 25:30 - ProxyChains and Tor demo continued 28:36 - How to remain anonymous 33:05 - Using Starlink 36:18 - Recommended operating systems 38:34 - Untraceable phones (burner phones) 40:05 - VPN vs Tor // Don't trust free proxies 42:29 - Don't keep systems together 44:24 - Recommended e-mail service 46:53 - Bitcoin is traceable 47:58 - Anti-forensics // How to clean systems 50:41 - Recommended search engines 51:34 - Have different identities/systems 52:26 - Conclusion
Over a decade ago I took a class in network security that was taught by a retired navy intelligence officer. One thing he taught us that has stuck was: "The only secure computer is one that is not connected and can not be physically accessed. Once a machine is accessible, it is no longer secure. The form of access doesn't matter -- physical access, network access, it all compromises the security of the machine. The line you will need to define in your future career is going to be the line between secure and accessible. A machine that can't be accessed can't be used, so while it is secure, it isn't useful. The more accessible a machine, the more usable it becomes -- and the less secure. The policies you write for your company are going to be a negotiation of that line between accessibility and security."
He wasn't aware of air-gap techniques used over 10yrs ago to communicate with any device via WiFi or Bluetooth. The device did not need to be connected to the Internet as whatever it was near could report the proximity. If you removed all RF devices and never plugged it in, you might find that people marked as targets would have to use something like USB storage to view files. Depending on the sites they were obtained from depends what was in them and what they did. Your off the shelf firewall will not help. The only decent firewall for stopping NSA and GCHQ was by Kaspersky, but they were also spying on you!
thats so true, just look how the sildroad dude got arrested, social engineering and boom, iirc he had a panic button on his laptop that would normaly brick it but he stand up and helped that woman ... crazy if you think abt it.
What I hate about the NSA the most is that they’re letting too many abusive cybercriminals get away with stuff these days but common people still have suffer online privacy issues.
And rich people can get away with not paying millions in taxes while you and me will get audited for not claiming $700 on our taxes. Best thing to do is accept it and adjust you actions accordingly. Unless you are born into that elite ultra-rich class of people you're screwed. Even if you cold earn or steal enough money to be considered one of the top tenth of a percent of the wealthy they would know you came from outside of their class and not going to be accepted into the club by your wealth alone. The one thing we have to get over the ultra-wealthy elites is something they are doing everything they can to disrupt is our numbers. If we could all just come together as one unified people against these elites then they could not stop us from taking them down. But that's not likely to happen is it? We are kept splintered into little antagonist factions at every level: Politics, race, gender, coke vs pepsi, you name it, the elites are behind all efforts to label us and wall us off from the one thing that is more important that those manufactured labels and unites us all into one massive collection is our status as human, non-elite. Or what I wold call human, if you allow me to consider the "elites" as non-human. They seem to lack humanity so I think it applies. Keep up the fight and don't let the bastards keep down my bother.
Reminds me of some lyrics from dude named Daylyt "Who all up on the deep web? My P.O. , yeah we know" Yk the british empire and its network of financial monopolists were the ones who invented global narco and human traffick. They been laundering money from all that sht before it was even illegal . You best bet their successors the globalists are profiting from and enabling all the criminal sht that goes on on the dark web .
Nice video Dave. But strange you're not discussing Tails OS. Get a cheap or second hand laptop with 8Gb RAM (the more the better), a bootable USB3 port (almost al laptops from five years or younger have that) and a USB3 thumb-drive and you have a quite quick anonymous machine....
Absolutely love David's channel and wanted to add to the OPSEC recommendation of not carrying your personal phone with u to buy a burner- even more important than that caveat, one must NEVER carry around both your personal and burner phone with u at the same time. Any 3-letter or law enforcement agency can create a map of date & time where both your devices are pinging the same celltowers at the same time, thus tying u to the burner with circumstantial evidence. I like to think of the personal cell and burner as your wife and mistress, both should not know of each other much less be in the same place at the same time. And no, this wasn't a reference to infidelity...stay safe
Yeah, and leave the burner on airplane mode unless you actively need to use it. IMSI catchers are deployed at most protests these days, if your phone isn't reaching out to cell towers it won't connect to a Stinger either.
My motivation to keep fighting for my privacy is that shit might not happen now, but in the future when my life is a lot more meaningful to me, they might also be a lot harder on how they control us. I hate being controlled, so I decide to learn and do now so I can be ghost later.
And this "guru" is not very smart. A lot of gaffes. @bulliontoy. Yup: Doesn't use filename completion. Doesn't know it's not necessarily a bug to not have a (public) IPv4 address when on TOR.
In the uk, a guy gets stung for trying to meet children online, all while another police department are watching and gathering evidence on his neighbour who has stolen his identity, and is posing as him to meet children online - they let the innocent guy's life get demolished because they didnt want to blow their case, he lost everything - so yeah, they know if you use the neighbours wifi
I wonder if they'd know if you use some random other person's wifi some distance away, by using wireless-to-wifi relay. Imagine a battery-powered device with something like a RaspberryPi, the wifi connects to someone's wifi, and a wireless adaptor with a sim card to get on the phone network. Dial that phone number and you're using that other person's wifi from miles away.
Much, MUCH appriciation to the both of you David. As a aspiring Cyber Engineer, it's like you guys answer all the little and big questions I think lol Thank you!
I usually can't sit through long videos but I have to say, listening to OTW kept my attention to the very end. David, you did a great job in allowing him to share his straight forward and easy to follow info on keeping safe online. You asked the right questions and summarized in a succinct manner. Excellent!
@@davidbombal thanks for what you do. Simply the best. you guys with OTW owe us an interview with a Ukrainian hacktivist that are defending their homeland from russian cyber invasion on top of kinetic invasion. You had an interview with a russian young dev. And this is not fair. Give Ukrainians a chance to speak out.
Another great video... The limitation of this technique, is not being able to use burpsuite for MITM and proxychains... However, adding a SOCKS TOR proxy to burpsuite, diverts outbound traffic through the TOR network... without proxychains
This was stuff being talked about 3* decades ago in the early 90s. What is being described as anonymity here, is really pseudoanonymity. There is no such thing as actual anonymity online. I like to think of the internet as standing in a conceptual digital square wearing a name tag. You can put a disguise on and cover your name tag, but if someone really wants to know who you are, or someone who already knows you and is paying attention comes along your efforts are for nothing. You are more anonymous in real life than you are online. So if you're looking for privacy, the ultimate hack is to take offline and into the real world everything you can.
It's funny, how I tried watching Mr. Robot around the time I started my cybersecurity journey and I thought it was a good show but started losing interest during season 2. Fast forward a couple years later and countless hours of studying pentesting, I decided to restart the series a few days ago and its way better than I remember and so many of the small references make sense now lol. Including the exit node scene from episode 1.
I’ve cut back on fun spending because all my budget items have increased. Utilities, gas and food keep going up. Summer is expensive anyway. Great video!
great interview. as OCTW said...even he...is not anonymous to some people that have resources,time and skills. great interview Dave. Great presentation. i believe you must create a course for footprinting etc. or even as an end user..if someone attacks you , some basic forensics and if you have a chance to find by yourself this neighbour ...it will be valuable.
I think we need to shift the conversation from the ideal of anonymity to the practical compromise of pseudonymity, and just use anonymity as a benchmark for evaluating different identity defense systems. Only the designers need to dither about the Philosophy and formal logic. Everyone needs an optimally engineered solution.
I used to work in intelligence over ten years ago, and everything he says checks out. These are all things that were taught to us. I remember reading the public case file that came out after the Silk Road bust and learning that DPR used the same cafe every day to do his browsing and I was like "uhhh, classic mistake..."
This is a lie. Police in the US don't go around knocking on everyone's doors just because someone in the area hacked from a nearby IP. No judge would be able to approve such a warrant.
Yep. Unfortunately, people are creatures of habit. Unless you are willing to go completely off grid in the middle of nowhere and forego nearly all electronics it is nearly impossible to not be traced somehow today. Even if you go off grid I am sure any of the major government intelligence and law enforcement agencies will find you if they want to. Facial recognition still has a ways to go, that we know of, but with cameras everywhere these days who is to say they would find you just because you unknowingly walked by a web cam or came up on a picture someone took where you just happened to be in the background somewhere.
I think doing this is possible, you just need NOT TO sit in the cafe, you can just live in the city with a high population, craft a wifi cannon, decorate it so it looks not like wifi cannon, and here you go!
This episode has confirmed many of my suspicions and opened my eyes to a few more. Thank you for sharing some really good information. Great video from an awesome channel 👏
Another thing that's important is to never mix your hacker life with your public life. That means as an example; If your turner phone is located where your private phone usually is located, that would be a no no, even if your private phone isn't there or off at the time. Treat all of the things you use that can connect to the web or to a phone company as a node and make sure that hacker nodes have never been online in, around, on the way to or together with any of your private nodes. If they have, you can get rid of them at once. This is one of the reasons why there are schools for these kind of government operators. It's also the reason why people who are working under these kind of rules don't do much else than this work. It takes up a lot of the time each day, just to do the smallest thing.
It's only the black hat hackers trying to hide their nefarious activities. White hat hackers would rather be known and get notoriety that they're good and make much money.
Good news is there is whole world outside internet which doesn't care at all what happens online. Most of us forgot that and don't know how it works even.
I don't try and be invisible, but I do poison my data with many un-me activities anytime monitoring is possible. Exactly the same method for dealing with AI. They use your interactions to further train their models, so take action to break them with inappropriate feedback to the "AI".
Back in the day when email was first practical, people were concerned about NSA, FBI, etc reading their emails, so some percentage of users changed their signatures to include words like bomb, gun, and explosives in order to poison the well and make the scanning machines scan and store worthless emails as well as any that might be interesting.
@@SpaceCadet4Jesus that was back in the day before supercomputers were invented and huge amounts of disk storage cost huge amounts of money, and there were no giant database indexing engines. Desktop PCs commonly ran on 8" or 5.25" floppy discs, and if you bought a really expensive PC it might come with a 10Mb hard drive. The theory was that the more traffic they captured, the more the system would be bogged down and the less useful it would be. These days, that's no longer true. Anyone can go online and buy a 14Tb (or larger) drive to add to their PC. Government agencies have petabytes of storage and fast search engines to process it.
This is so interesting and informative! I’d love to hear more about using Linux as I’m a newbie :D this was so interesting and remaining anonymous is definitely not something you can do by purely using a vpn and I’m so glad you touched on that ! 🙌 great video
One thing that i’ve heard about cell phones is that they can be tracked even when you have the phone turned off. Two of the safest things you can do is simply remove the battery when you’re not using it and use the phone ONLY for outgoing calls. If you’re using a device such as a tablet and you simply can’t remove the battery to wrap it industrial grade tinfoil. Not the cheap stuff you get from the corner store. It will help block any incoming or outgoing transmissions. Keep it Wrapped up at all times unless you’re actively using the device. As far as protection on a laptop. Use an old laptop without any hard drives period and boot off a USB drive running a security version of LINUX. Tales is actually a version of Linux. You can also create a custom version of Linux if you’ve got the skills running off only a USB drive. Remember the laptop itself doesn’t have any operating system on it period nor any storage devices. Folks can’t steal information off of something that never existed in the first place. And when you remove the USB device you could hide it god knows where. It could be in a hut in Brazil or in a igloo in northern Canada. Thats for you alone to know.
A lot of this stuff is very logical if you know a little bit of how the basics of the internet work (ie. DNS, IPv4, ISPs, etc). I'm just a normal IT guy thinking of getting into Cybersecurity and I spent a lot of time thinking of how to stay anonymous and I kept coming up with "nope can't trust that, or that, someone else owns it, so they can probably see it". This video really validated a lot of what I was thinking which is what I kind of needed to hear. Thank you to David and OTW for confirming that becoming anonymous while invaluable is incredibly difficult and is really all about what's it's ultimately worth and to who it's worth considering all the breadcrumbs that become so easy to leave behind. It really takes a lot of effort, intelligence and constant awareness to stay anonymous.
Glad someone spoke clearly about the use of AI in assessing & using our data. It does seem like AI tries to think ahead for us. It does seem intrusive. Just because I'm thinking about holiday cookies, doesn't mean I want them to pop up in adds everywhere. At first it made me scared that some mind-reader or psychic was harassing or targeting me via my phone. That's just how it can really feel. Especially if "push alerts" are not controlled.
What I like about this episode, apart from all the very useful suggestions, is the constant warnings about how how difficult it is to be 'hidden' online! This is so very true. The mention of of having multiple identities and completely different behaviors in the different identities is very important. Note: Having different identities for social media and emails is useful anyway to help protect you from 'trolls' and people who like to 'bully' you online. Thanks for sharing this it really is very useful information indeed. :)
@@Neighborhoodcarpetcleaners You are confusing me with someone else. I only use this userid on YT and similar services. I only reply to people in comments. I don't like harassment or bullying done to me. I don't do it to others. Beware of the 'troll's. They user similar usernames to confuse real people. It is what they do.
If you want ultimate PERSEC where you'll never be caught, then you start here: buy a laptop with a gift card or cash. Giftcard should only be bought with cash and a mask on. Also make sure you made it to the store untraced by any public recording cameras where it wouldn't see your face or a license plate perhaps. The laptop should be used with layers of encryption/VPN, and in a location far from your house. Once you have what you need, your files should be placed in an external harddrive outside the laptop. The laptop should be placed inside a faraday case and hidden away. The location you're at should also be untraced by any public cameras that could see your vehicle or face. But with the layers of encryption, it would take government hackers too long to trace the location. And by the time they do, you will have been gone for days.
"to help protect you from 'trolls' and people who like to 'bully' you online" - just don't create any social media profile. If you can't be without one, just don't put any personal information there (names, pictures, address, real friends, anything personal). You don't need to have "different identities"
First rule, always use a private DNS under your own control. What isn't talked about is how quickly you are identified by your meta-data. Lets say you go to a public terminal leaving all electronic devices at home. You will quickly be identified based on how you type and what sites you go to. How fast you type, how you spell, your grammer and more are all part of "how you type". This meta-data is so unique as to be close to a fingerprint. Combine that with which websites you visit in what order and you are known. He talks about turning your phone off, that doesn't protect you. A smart phone has 2 cpu's. The one that operatea the smart phone and the SIM card. The only way to turn off the SIM card is to remove the battery, which most modern cell phones don't allow. The SIM is "pinging" (not the ping command) nearby cell towers every few seconds. This means that every devIce with a SIM is continuously located. Most modern cars have a SIM.
@@rpm10k. If you google "SIM card" you will find out that it is also known as a "UICC" or Universal Integrated Circuit Card. You will then find out that the UICC "consists of a CPU, ROM, RAM, EEPROM and I/O circuits." You may also find some XRay pictures of a SIM card that show the tiny little cpu in it. Phones are starting to switch to "eSIM" cards, which just means that the separate cpu in on the phone and can be 1 or more virtual eSIM's. The baseband processor is not a modem, although it can provide modem functions.
@@Slackware1995thanks for the info about CPU in the sim cart, but I saw an interesting line in your comment, "Use a private DNS server". What do you even mean by that?
@@Cubic_cathe meant that whenever you need to get an IP of resource you go to DNS server, which resolves names to IPs. If i manage to point you to my DNS server or hack current one, i will be able to fish your credentials from fake facebook for example. Did you catch a point?
I guess it is all how you individually look at it. Because if you payed attention he spoke alot on several different topics on how to remain anonymous. If you can understand what he is saying or recommending you need to learn more basic services
There is no true anonymity on the internet. OTW said all that you can only do, is place up hurdles. You can only be as anonymous as your ability to be too expensive to trace. A government who wants to find out who you are will find out who you are.
Thank you two for this interview and the hard "pills". Also, I still stick with FF. Not only for "privacy", to avoid monopoly of "chromium" as well. Use Brave is keep the monopoly of Chromium.
The mention of Brave feels like an ad lol. Brave has analytics (worse than Firefox). This guy seems to have pretty juvenile understanding of opsec, but a juvenile understanding is plenty enough if all you're doing is talk shows and hiding your commercial identity
These statements about whoever controls the last node on a Tor circuit, controls the network, is in sharp contrast with Dr. Mike Pound's(who appeared on this channel) video on the Tor network. Dr. Mike Pound states that if you control the last node and the Guard node(the first node), yes it's possible but VERY VERY hard to work your way back to the originator of the traffic sent. Occupy the Web makes it sound like it's could all be done from the exit node. This is blatant hyperbole and sensationalism. Dr. Mike Pound is one of the premier professors on the subject. I'm more encouraged to believe him over anyone else. Also, If the Tor network was that easy to compromise the identify of people just by controlling the last node, it would be useless.
I worked for a security company for a while. Some of the guys there used to host tor nodes specifically to monitor the traffic in order to see what hackers were doing now. Just to keep ahead of the game. In fairness to this video. He didn't claim that controlling the exit node gives you the user's IP. But like he said, that's only one way to find you.
@@hunglikeahamster How does hosting a Tor Node allow someone to see what "hackers are doing"? The traffic is encrypted and those people would NOT be able to descrypt anything since they don't host the node before or after the one they are monitoring. What information are they going to decipher from that monitoring??
One of the best shows, by far, that I've had the pleasure of watching. He presented so much honest and factual information that one would be neglectful for not heeding his advice.Very good show, David and I look forward to more in the future.
Thank you David and OTW . I have already received the the books you mentioned. Best teacher and best IT youtuber. Waiting for more episodes like Pegasus. Thanks for your information and knowledge.
What is your opinion on the theory that the more you try to “hide” (no social networks, no unencrypted traffic and alike) will actually make you pop up in certain surveillance monitors and makes you a special target? According to this theory it would be better to simulate a “normal life” and hide only specific traffic in there…
Well, if we include the IOT Internet of things , you could mask highly sensitive data in what looks to be FOB/ GPS tracker / babycam type of traffic, e.g. mimic the packet size and frequency of transmission to match such devices. Depending on how much of telemetry you can disable from sending then not actually connecting to social media or Google ID trackers would be in line with IOT devices comunicating over the web. But yeah, if you don't know how to fully disable windows and browser telemetry AND it appears you're generating traffic that avoids connecting to Google & Facebook servers then that in itself could be considered highly suspicious because most people wouldn't know how to disable traffic to these platforms
Its too late... any change to it NOW is not gonna make it better. Info is already on the internet... That is not gonna get rid of Even if you go to the extreme and change names, address and what ever else could be changed in reality (excludes DOB), it still won't change anything that is online before the change was made... I guess, it would limit finding out, but these days if the governments want to profile bits and pieces of people, they will have no problem doing that. There will always be some ''key' piece of info and evidence they can get hold of "Peron X just changed their name to Y" so there is a link we can use.. You really only get one chance, and from then on it will never be the same.
thats the point with ppl tweaking their browsers to be "absolute anonymous" meanwhile EVERY website says bro just use the STANDARD browser settings with some addons and thats it.
It's not, without cookies a vast amount of the web needs significant rewriting to maintain functionality. The only way you could say that is if you considered logging into a website a type of tracking too.
Wild, I was JUST pondering this very question two nights ago. I've used Tor on and off since maybe around 2007 and since then, I've become a sysadmin. I'm always thinking about cyber security and how I can improve it. I figured the NSA pretty much had a handle on Tor. Good info in this vid, thanks!
I think that it might be impossible to be anonymous, because at the Hacker conference we talked about a lot of other things, VM's,Screen Size, hardware heuristics, browsers. And the US three letter folks can crack all of these. The speaker was hiding from Russia and other cartels that his jobs was to attribute crimes to. He said he could not defeat the US cyber hounds. Even if you beat them, your traffic is the only one that is Anonymous. You then stick out and they can watch for that traffic. Hiding in plain site is the concept that would be the best chance of obfuscation. And staying on the move. And like the guest mentioned using starlink. And please don't do bad things in cyber space. Thanks for the great content.
I wouldn't trust Starlink, or anything coming from Darpa-Musk...Research in depth. As per Duckduckgo mentioned in this video, it was OK until Google bought it.
He is actually not giving away much information. He just goes on and on about how "they have other sources than the IP-address and so on". He doesn't get into what other sources - only that you have too understand them. This seems to be more of an hour long ad for his books and him.
I agree with you bro he should have 10k+ views always as his content is amazing! But I gotta ask what is paid information? If you mean that others have taken the information and packaged it into a course to sell. Then he doesn't sell courses it's more like a show. Also, all of the information is available for free, and has been for decades, online. Actually, if you want to learn more in depth dude, continue watching David because he is great! Lol but also, follow some documentation that you have to read and do actions. Make a target and figure out how you can achieve 🙃
I just want to tell you OTW, that you are a great source of information and knowledge. I now understand how dangerous is the web. Please keep giving us more feedback on forensics/wifi hacking/ tracing bitcoins and tracing scammers!!!
On a dedicated flash drive, run a trimmed OS, custom configured for only the interface you plan to use. Complete with only the drivers for the exact devices installed, and any additional drivers for hardware you might use. Cut the OS to the BONE. Pre config to he is your swap file, set to a second flash drive, yes, a separate drive, not a separate drive volume on the same physical drive. Use Tor or another alternate connection method,, ( if using the neighbor's wifi, use at least 3, hopping thru three different homes, ideally choosing neighbors w/ 3 different ISPs ,)then running the chain link, then, share your connection to a secondary device, connect to the Internet thru the provided link, then , run tor, run chain link...profiles are the key. Create profiles of people who naturally would be searching for what you'll search for. Health- a mother, "how to.." a tinkerer, a 'maker", a jr reporter. Don't forget to make a few with your same name, and build them up on social media. Because they know you exist. You HAVE to be on the internet SOMEWHERE, right? Or dead....
An even better method would be to have multiple usbs with a cut back os that you cycle through or have multiple custom images configured with different browsers and different apps to create a new fingerprint. From there ideally you connect to a computer that's in a botnet and running a vm for additional anonimity and you wipe those vms after and connect to a different machine in the chain later. From there a tor network/i2p for yet another layer but that's probably too extreme for the average user.
How David still doesn't have 10M subs is beyond me. I subbed when there was like 500k, and I am very happy to see him having nearly 2M, and proud to be part of this community of secure conscious folks. You don't have to be networking engineer or even IT. Just realize that big part of everyone's life today is in the internet and you should be interested in this topic.
I’m super critical when it comes to seeing how someone “moves” around the file system using the terminal. I hope he was being deliberate about everything just for the sake of being clear to people watching because it was telling if not haha
I love what you do boss , always I have to come to your channel at least once a day , one of the people that making change for the good in this world . I really have an immense respect to you Sir .
I'm someone who greatly values privacy and take many measures to protect my privacy. I don't do it because I have something to hide or whatever. I do it because I find it greatly disturbing the amount of data these companies are harvesting off me. Also, even if you claim to have "nothing to hide" and that's why you don't care about privacy, you're putting yourself at risk by potentially getting framed or arrested for something you didn't do, all because you're in a vicinity of the actual culprit or you simply look suspicious or even just look like the actual guy people are going after. There have been plenty of real life cases where unsuspecting innocent people are getting charged for crimes they didn't commit. That being said though, I'm not someone who's aiming to be completely anonymous. You have to sacrifice far too many things, I'm not willing to give up. I try to strike a healthy balance between convenience and privacy. Even just doing the small stuff can make a big impact. Like using a privacy respecting browser on top of using privacy enhancing extensions, or using a trusted VPN like Proton VPN or Mullvad VPN. If you're on Windows and don't like Microsoft spying on you, then you can harden Windows by using free tools and disabling all the telemetry they're gathering off you. For even more privacy, you could go with a privacy respecting Linux distro. Speaking of OS', you can install a privacy respecting android OS on your phone. These things for the most part are pretty small, but they all add up.
Ryan doesn't know that there is no agreed standard for encrypting mail sent between ISPs so it all goes as plain text. Protonmail can see everything without the need to decrypt anything after they encrypt it for users. Law Enforcement love it. He confused End2End with Encryption2Server. This is a common mistake.
@Israelisnotourfriend actually, if you missed it or you had already stopped watching, at 50m 50secs on the video timeline you will find them telling what OTW would suggest using as an alternative browser solution@Israelisnotourfriend
@Israelisnotourfriend They said the alternatives, you just didnt listen. And its not about "dont use them" Its about "dont use them if you want to remain anonymous" Most people dont care about their anonimity, which is fine.
I like the way that you gather things for good purposes and you do. It encourages me to see any video you create, Sir. I highly appreciate your work. Keep going on.😊👍
Wow, I unfortunately was the last generation as a kid that didn't have internet. When I was 7 i had my 2nd major surgery for a serious heart defect at birth, I had a tutor and was very smart, I seriously still remember my 2nd grade teacher's name b/c I completed all of the assignments she gave my tutor. I got to school in October and My class was on Long division and double digit multiplication , long division. I wasn't. I tried so hard , My big brother was in HS and homework would 6 hours 3 of which crying. Teacher said I wasn't trying or disrupting the class and put me behind the filing cabinets. ( i was on high school reading & writing level and my grammar was far ahead of a grade school kiddo). They wouldn't keep me back and that was their error, They kept passing me through grades even though I sucked at math & science since 2nd grade, I begged to be kept back. Most of my friends were one or 2 yrs ahead or one below, ALGERBRA KILLED ME, and I struggled with geometry. I just stopped going to classes b/c i liked algebra and with my brother I could do it but w/o at school the teacher called me a pot head. We got computers and were on Dos. I to this day understand what you are saying completely but have no patience b/c my accounting math is to the penny, I think it's because NO ONE HELPED AND I ASKED. WHEN WE GOT COMPUTERS IN HS. DOS SYSTEM, I HAD ONE YEAR AND MY BROTHER HAD MOVED OUT WITH HIS FIANCE and my home life was so messed up I spent 2/3 of that yr with my best friends family and was put in senior math, The teacher pulled me aside and asked all the right questions , He went through my records and knew I was in rock bands playing adult venues since I was a kid, I had had a scoliosis brace for 4,5 years as a result of my two open heart surgeries which done differently for aesthetic reasons 90% of young girls had to be braced , not all followed the directions or wore theirs, My Mother caught mine young but technology wasn't then what it is now. He pulled me aside about two weeks later. I was a day dreamer, on drugs, didn't pay attention, and many other behavioral issues were in there, along with school psych evals that didn't match up at all to statements made by half of my teachers and no one looked at the ones from classes i aced. He WAS FURIOUS B/C he found that I had been ambidextrous and forced to use only my right side , had photographic and eidetic memory last checked at in grammar school and serious dyslexia post 2nd heart surgery. None of which was used to after how I was taught, He went right to my computer teacher after he and I talked and I ended up in tears and between the two of them luckily because Intro to 'computers was new it was Pass or Fail, she passed me through so I could go to math with him for senior math but instead of computers and during MY LAST SEMESTER I WAS IN HIS FRESHMAN MATH FUNDAMENTALS. I did horrible in computers in College but was only until I could change my major. Im definitely one who learns by all my senses and I know Govt & Politics like back of my hand. and One math teacher is reason that I passed math part of Real Estate on first shot and was a nurse who had no issues with medical conversions. I am glad I found you.
I really enjoy these podcasts, when i have long drives i always put yours on. Thank you for doing what your doing David. Im really excited about the Pegasus video. All the best!
One thing I've kind of been concerned about (although I personally don't have anything to hide, but stay anonymous anyway) is communication analysis. Especially with how much more more work on AI is occurring recently (but even really before that), it seems quite easy to have a bot go through vast amounts of scraped data (be that on a relatively private chatroom, or public website) and analyze their writing style (or voice when applicable) and tie it to other accounts which would otherwise be impossible to tie together (due to taking extreme privacy measures). I would expect that government orgs would have this tech, but I'm surprised that I've never heard about it, because we've had this capability for well over a decade, easily. I'm wondering when it might become more common and/or when privacy-minded or paranoid people start using AI scramblers to re-word every single thing they say.
All the same: you can train AI to re-write your text as if someone else (say, a celebrity) wrote it. Needless to say they won't be able to reverse what you wrote at that point, nor would they assume the celeb you trained on wrote it. 😗
Tell me that you use an ad blocker, without telling me that you use an ad blocker. Hello, never heard of Grammarly? It's pointless for you to do all this 'hidden but not hiding' schtick if it's gonna make you draw the whole 'ACKSTUALLY...' crowd right to your door stoop.
@@HighestRank well, all i'm picturing now is Americans in the 1938 running of "War of the worlds", scared of Alien invasion, only to turn out, it was a "British radio broadcast" 😆 The similarities with that ,and privacy is uncanny.
@@martinberan2136unless the vm is running in the cloud and you wipe the vpc it runs on after. Ideally you're also connected to it with a solid vpn/dns proxy
Mr. David I absolutely love your shows and try to do my best in viewing them all. I'm kinda new to this field but have found it to be what you could call an obsession/passion in everything to do with hacking. I've never heard of OTW and find him truly fascinating and informative. I appreciate all your efforts and the things you share with us all. Maybe you could have him or even yourself doing a show on AndroRAT, Android-RAT Hawkshaw, Dendroid, HaxRat, LaRat, Mass-Rat, Teardroid-phprat and WH-RAT. Maybe all the RAT's? I apologize if you've covered these already. As I said, I'm new in this field and to your channel as well. But thank you none the less for all that you do. It's greatly appreciated.
I think it would be a good idea ro invite some of these scammer hunters, and ask them few question on how you can really try to track them. These guys are really like the cancer of the internet, and unfortunately most often are placed in countries with corrupter gov and police. I think if more people would know some basic tools and techniques to make their life litrlebit harder, it would benefit everyone.
Seems like this guy is really smart one second, and BSing the next. Maybe it was just me picking up on that vibe. It kinda caught me off guard when he mentioned arch as a privacy distro, and when he was showing us a terminal tool, but couldn’t tab complete the config file. Also… brave?! That’s one of my last choices for a private browser. It’s based on google chrome (chromium), and is made by a company I find creepy. Not to mention the fact that he suggested starlink as something that helps your security! It’s just as identifying as a normal internet connection with the info it requires, that’s simply no better.
I scrolled the comments A LOT longer than I should have to find a comment saying that. Haha the failure to use shell auto-complete was painful to watch. Half his advices are phony, an the other half are missing nuances. Adding a few things: - ProtonMail as the best mail provider ??? No mention of anonymous tor mail providers? - Try to refresh the ip address site to get a new IP, does not know that tor circuits are reused per website/host? - edit a config file in an obscure GUI text editor?
I have to say something about turning off cookies or services. Those are only visual representations that seem satisfying to the end user. There is absolutely no guarantee that choosing any of those options does anything at all. It could be easily programmed to show a graphical slider showing "off" while literally not affecting the coding underneath. Even a Visual Basic programmer knows that progress bars are totally fake.
46:42 I'm surprised he didn't mention OpenBSD, which is known to be the most secure BSD operating system, even more secure than HardnenedBSD, which is more or less FreeBSD with a lot of security patches...
I don't buy FBI's neighbour's WI-FI argument for several reasons. Instead the claim is constructed to spread fear, uncertainty and doubt. This is often enough to deter criminals from doing nefarious things. Moreover if suspicious activity is emerging from an IP, they have to thoroughly test the theory that it's not actually the IP's owner who did the malicious thing. With that aside, sure, it's a nice idea to knock on doors. But if the police knocked on _your_ door checking on "nefarious internet activity," would you tell them outright that, "Ya, sure, it was me! I hacked into the neighbours Wifi. Here are muh hands, just cuff me nauw pls!" Not very likely.
Ive seen special antennas that can reach WiFi routers 5 miles away only for 300 dollars. Not a bad distance at all and definitely not next door radius.
They likely have additional information already they are trying to match. Aka, someone uploading inappropriate stuff and they find the subjects depicted at one of those nearby homes and the content has interior footage that can be matched to the home. I doubt it is a matter of just asking people to confess to crimes.
I have wasted several minutes trying to find someone who would think the same way as I do. The moment they say "it's 100% certain they will catch you," it already demonstrates how false it's being. If you're going to live in a city with tall buildings resembling beehives and you get yourself a good antenna, I'll bet you whatever you want that it stops being 100%. Furthermore, I don't know where this person lives, but in my country, without a judicial order, they can't enter your house. Do you know how much time they would waste searching everything? It's true that many people have committed cybercrimes, but you don't need to be intelligent to do it either. The people who are truly intelligent continue committing crimes and they haven't been caught. So, getting back to the topic, that 100% is completely false.
As always good content, I'm impressed with you I really like your videos usually with videos longer than 10 minutes I watch them between days but yours almost always keep me engaged.
Thanks for all the great videos. Excellent content and guests, you know who, for example. I’m almost 50 and I regret, every time I log on the a piece of tech, that I didn’t try to learn Linux when it first hit the scene. My concern now, has to do with Microsoft , adding the WSL functionality to the stock options of Windows. When you read the user agreements that are buried along side and pertaining toWSL, it seems that it was not a benevolent decision to allow Windows users to access Linux. I hope someone looks into this because Microsoft doesn’t do anything for free. And the way the new user agreements ( that no one reads and blindly agree to) seem like the position Microsoft to take ownership of anything the may be created under WSL. I hope I’m wrong. If not, I hope someone brings it to light. Thanks again!!
Linux is not hard to learn to use. It's a pain to troubleshoot though. All the steps you have to go through to ensure competent anonymity doesn't seem to be worth the effort to hide yourself from unknown entities who have the power to easily find you anyways. And of course the more secure you are the less usable you will be, not to mention the slowness involved.
How come the NSA, CIA, & FBI act like it’s so hard and damn near impossible for them to bust these child SA groups and sites that organize, sell, and meet up through online platforms but they can get anyone else’s info when it comes to anything else while online in the US?
It's about authorities. First, NSA and CIA are intelligence agencies with their own individual missions. They were created for national security purposes and for gathering foreign intelligence. They do not deal with crime in any capacity. The FBI on the other hand would tackle this kind of mission. However, they do not have the same authorities/access to resources the NSA and CIA have. People already complain about the NSA/CIA and think they have too much power. Imagine if you gave those same resources to the FBI, who are allowed to target US citizens (because that's their job). From the outside it seems very simple, but I promise you it's not as easy as you think. No one wants what's happening to those children to continue - I can promise you that. If the solution were easy, it would have been done already.
Because they use those groups to compromise people they want to control. Just like they never released Epstein's guest book logs which they now possess
@@cyberchef8344 Right, they need to show they are capable of doing their job of 'finding out' It would scare millions if they just came out with "we can easily get at them with little to no door knocking" I refuse to believe departments don't have the same "authority".. That is the same as "Governments need out. consent before they can search and look into accounts, etc..
@@cyberchef8344 I'm of the opinion none of these agencies are particularly concerned with staying within their assigned boundaries and the only thing keeping them from cooperating and sharing info is their own arrogance, hubris, and conceit.
Can you guys make a video on people search and how to OSINT other people, including yourself? Not like hide from the FBI privacy, but to show the kinds of tools and techniques someone doing the investigation would use. I think it would fill in some gaps.
I would love to see more content like this but also discussing stingrays... Because stingrays play a huge role with the government tracking cellphone data... A burner phone may make no difference if being monitored by a stingray
@@axolotl2494 it's a device the size of a radio that can mimic a cell tower. Anyone nearby with a phone using the carrier they are mimicking would go through it first and then they can extract information such as the phones IMSI numbers. They can also force your phone to do a number of things such as using an older protocol that's less secure by pretending to be unable to accept the new more secure one. There's a lot they can do. But like everything it's about layers of effort and resources. Someone would need to know your general location and pay someone to sit near you in a van and know what carriers to mimic etc.
Also you can consider running a DPN over a VPN for that extra layer. I build and mange my own network with this method. I basically hijack another ISP although this can be risky due to it been virtually impossible to control the hijacked ISP’s DATA but my own ISP is receiving nothing of my own traffic. I would consider looking into a DPN from deeper network if you want to keep it simple stupid. This technology is slowly been adopted by people such as my self. Although and this is true your never 100% secure no matter your OPSEC there is always that 1 little bit of evidence you will leave. But if you run a DPN through VPN and bridge though your own DNS and access through a secure day 1 windows 7 VM you will have very good security no matter what you do unless you forget to delete metadata from any uploaded photos or videos such as on a marketplace. That’s when you will get unstuck. Again it goes way deeper then this and I may consider writing a book
Thanks for those amazing infor, David my regards to occupy the web am sure I will be able to build back my workstation and how about when I got a question to ask.
45:30 Wasn't there a case in 2021 where Protonmail logged a French activist's IP-address and handed the data out to the swiss police, which in turn sent the data to the french police? I know that one can't really compare this case to "normal" users of Protonmail, but one should not forget that Protonmail (or any other encrypted mail provider) will have to comply with law inforcement, if they want to or not (even if the are not able to read your E-Mails).
At the end of the day, if the Police / Government demand details, what can a legitimate company do? The laws are much stricter in Switzerland, so that makes it much harder than in some other countries, but as OTW says... if you want to hide from the NSA or your local government agencies, you're going to really struggle. Did you see the FBI "encrypted phone" that was used to catch criminals? www.justice.gov/usao-sdca/pr/fbi-s-encrypted-phone-platform-infiltrated-hundreds-criminal-syndicates-result-massive - I see Proton changed their policy: www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
Remember, that if the Activist used a VPN he would of not been caught. Its misleading to say that they handed over the IP willy nilly. Not defending them in the action but yourself needs good OPSEC too
The problem with disabling cookies is some websites will actually limit functionality or even make it impossible to navigate unless you turn on and accept cookies. How do you overcome that?
I also had this thought and came to the conclusion that I won’t sacrifice my privacy to purchase from a company that doesn’t value my privacy, and actively chooses to rid me of it.
First time watching your content - Great clip and I subbed. Reassuring that I already take most of the basic steps. I'm about to go Linux, but still need Windows for some specific things. What would you and OTW think about running Windows and Linux on the same hardware pc, but not virtually one within the other ie Dual boot/Dual signin? What are the privacy and security implications for that as opposed to running one of them virtually one inside the other? Thanks in advance.
The Mr.Robot scene was actually one of the few inaccurate ones in the entire show. The dude was running a HS, it had nothing to do with exit nodes. The actual attack on an HS is traffic correlation, that if you own a substantial part of the network to become the last relay (not exit, there are a lot more relays) and provoke a lot of traffic, you can see a spike to the probable HS. That still wouldn't give you the HS descriptor. You'd have to know that first. So the investigation would start with the site and not the network it flows to. The extreme high level of observability to deanonymize a HS outright are only available to state actors (or someone dropping a few grand on Tor relays, but that's less effective, you'd notice and it'd be expensive)
And this is why Tor doesn't like to change your routes very often, to protect against statistical attacks of this sort. That is why a simple refresh didn't change his route. You can delete the file where the route is cached if you need to generate a new route (current one too slow, etc...) but it is not recommended if you need anonymity.
The ubiquity of video surveillance (at least in developed countries) has a huge impact on this topic. For example, buying a burner phone with cash and leaving your primary device at home is great, but much less effective when there's HD footage of you buying the device, marked with a handy location and timestamp. The more this type of footage is stored in the cloud (and is therefore accessible to gov't agencies) and the more accurate facial-recognition tech becomes, the easier the task of associating you with particular purchases gets. Hell, retailers are trialing these sorts of systems themselves, so they can push ads to you in-store based on what you're looking at. So, unless you wear an "AI-proof" disguise when you buy that burner, sooner or later you'll get tagged.
@@birdbeakbeardneck3617 If the idea is not to stand out and draw attention/suspicion, then turning up at Target looking like a ninja is probably not going to cut it. Also, now that the pandemic is supposedly over, a lot of retailers are banning masks/hoodies etc. Makeup might work, but I'm guessing future AIs will see through that pretty easily.
@@tsundokujim exactly. If You live in an area where no one likes to cover up their face and just wearing a hoodie makes everyone stare at you in fear, and get stalked by worker staff, then how do you actually disguise yourself? I'm trying to figure out how to buy and get burner phones and prepaid Sims sent to me without revealing my private info because no transportation and crappy taxi and uber services being unreliable makes it hard to go out and get stuff. But how do you find s way to get it delivered to different address and keep your info private?
Some useful info not mentioned: A potato chips bag with a shiny inside works well as a Faraday cage (if in doubt test it yourself). Also, just having your phone off in some cases is not enough. Because if you are being targeted your phone can be remotely turned on to eavesdrop (unless it's in a Faraday cage).
I learned that from that movie Enemy of the State with WIll Smith. If you never seen the movie, watch it is a real good movie. Despite the fact that you might like or dislike Will Smith.
Why do you think you can no longer remove easily your phone battery anymore? So that even if you turn the phone off you can be traced by remotely turning it back on.😉
In now-days world it is practically impossible to stay anonymous. There huge number of cameras outside and every computer transaction is logged on multiple of devices. If you want to stay anonymous then you can kind of get lost on crowd for moment. But it is only matter of time and resources poured on searching when you get tracked. Best way to be anonymous is not to do any major things what other people do not like and/or have powerful ally to protect you.
14:30 surprised he didn't mention Brave browser's option to block cross-site cookies here. By blocking only cross-site cookies (and still allowing same-site cookies) you can prevent websites from profiling you, without sacrificing functionality in the vast majority of cases.
@@davidbombal Hmmm, well if I were to ever be blessed with a job offer from the NSA... It would be good incentive to accept, if for no other reason than to grab a beer with OTW 😊
You did mention this but still: There is no such thing as truly being anonymous or safe. It's all about making it as hard as possible to find you and hoping that the person or thing trying to find you will not have enough knowledge or motive to find you.
I'd love to hear his thoughts on the additional security of using a Virtual Browser for secure surfing (Network Chuck created the concept and made a video on it).
@@bradley1995 no its worse- It's streaming the entire chrome or firefox browser to you, they can like actually record your screen and keypresses even if they wanted.
@@russellstall169 pretty sure i saw some failed startup try to stream chrome into chrome before, and before that even there was the puffin browser that would stream chrome in order to allow flash to work on mobile.
My friend was a cashier on a store and after a group of guys purchased a multiple "pay as you go" SIM cards, the police in civil clothes came in to the store and wanted to see what was the purchased SIMs serial numbers or something like that, obviously the were tracking these guys that were probably drug dealers and were about to tap their burner phones. So I guess even those kind of burner phones are not entirely secure.
Oh, OccupyTheWeb, amazing dude! Love his content. I'm now reasing his Linux basics for hackers book and learning from it, definitely a must read. Thank you David for giving us the oportunity to again listen to him.
How can David's guest be anonymous if he doesn't mask his voice? Anyone who knows him personally can recognize him. Or even if he uses software to mask his voice, how can he be so sure that the output of the tool he's using can't be reversed to reveal his true voice? Or maybe the guest actually types out his answers into software that reads text out loud, and the interviews are edited to give the appearance of a fluid conversation? At 4:19 he says that from his American accent it's obvious he's from the US, so either he's using his real voice, or what he said was just to throw people off.
His voice is ran thru a masking program. Saved as an audio file. Then ran thru an AI program. Saved as an audio file. Ran again thru masking. Rinse & repeat dozens of times. It’s so far from the original by then.
There is some misinformation / bad advice on some of the topics, e.g. the subject line in ProtonMail is not end-to-end encrypted, only the content and attachments.
when bad people exposing themselves out in the open in broad daylight proudly doing bad while people against them has to be shady, creeping, tip toeing in the dark like thieves. upside down world and you comply
Don't be fooled ... Occupy The Web (OTW) tells us the hard truth about being anonymous online. The brutal truth: Will using your neigbors wifi keep you anonymous? Can you hide from the NSA? Can you hide from Google and other companies? Will Tor help you? Will Proxy Chains help? Which phone do you need to use - Android or iPhone or something else? Which operating system - Windows, macOS or Linux? What is the truth? What do you need to use?
// Mr Robot Playlist //
ruclips.net/p/PLhfrWIlLOoKNYR8uvEXSAzDfKGAPIDB8q
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: ruclips.net/user/davidbombal
// Occupy The Web social //
Twitter: twitter.com/three_cube
// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: davidbombal.wiki/otw
// Occupy The Web books //
Linux Basics for Hackers: amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: amzn.to/3qCQbvh
Top Hacking Books you need to read: ruclips.net/video/trPJaCGBbKU/видео.html
// Other books //
The Linux Command Line: amzn.to/3ihGP3j
How Linux Works: amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: amzn.to/3dDUZN8
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
00:51 - Don't use the nighbour's wifi
03:02 - OccupyTheWeb books
03:44 - How to remain anonymous on the internet // The NSA is watching
09:56 - Be careful of your browser
13:35 - Turn off cookies
15:41 - ProxyChains and Tor demo
22:10 - The FBI story
25:30 - ProxyChains and Tor demo continued
28:36 - How to remain anonymous
33:05 - Using Starlink
36:18 - Recommended operating systems
38:34 - Untraceable phones (burner phones)
40:05 - VPN vs Tor // Don't trust free proxies
42:29 - Don't keep systems together
44:24 - Recommended e-mail service
46:53 - Bitcoin is traceable
47:58 - Anti-forensics // How to clean systems
50:41 - Recommended search engines
51:34 - Have different identities/systems
52:26 - Conclusion
Pin your comment so it stays on top 👌🔝👀
Could u do an av and other evasion techniques with occupy the web
Best channel on youtube 💪💪💪💪
There is no secure browser or programs that can keep you anonymous if we continue to use the same communication protocols and ports 🥷
@@MegaHax elaborate
Over a decade ago I took a class in network security that was taught by a retired navy intelligence officer. One thing he taught us that has stuck was: "The only secure computer is one that is not connected and can not be physically accessed. Once a machine is accessible, it is no longer secure. The form of access doesn't matter -- physical access, network access, it all compromises the security of the machine. The line you will need to define in your future career is going to be the line between secure and accessible. A machine that can't be accessed can't be used, so while it is secure, it isn't useful. The more accessible a machine, the more usable it becomes -- and the less secure. The policies you write for your company are going to be a negotiation of that line between accessibility and security."
"Air gapped"
That’s a quite a bit of words you remember from a decade ago
He wasn't aware of air-gap techniques used over 10yrs ago to communicate with any device via WiFi or Bluetooth. The device did not need to be connected to the Internet as whatever it was near could report the proximity.
If you removed all RF devices and never plugged it in, you might find that people marked as targets would have to use something like USB storage to view files. Depending on the sites they were obtained from depends what was in them and what they did.
Your off the shelf firewall will not help.
The only decent firewall for stopping NSA and GCHQ was by Kaspersky, but they were also spying on you!
@@Bond2025
Any sources or search terms for these air-gap techniques? Sounds fascinating.
thats so true, just look how the sildroad dude got arrested, social engineering and boom, iirc he had a panic button on his laptop that would normaly brick it but he stand up and helped that woman ... crazy if you think abt it.
What I hate about the NSA the most is that they’re letting too many abusive cybercriminals get away with stuff these days but common people still have suffer online privacy issues.
They no longer have eyes on good cyber criminals. So they bother the rest of us,
That is by design, the constitution is a Joke to those people, they use it like a boy scout metal as they commit crimes.
And rich people can get away with not paying millions in taxes while you and me will get audited for not claiming $700 on our taxes. Best thing to do is accept it and adjust you actions accordingly. Unless you are born into that elite ultra-rich class of people you're screwed. Even if you cold earn or steal enough money to be considered one of the top tenth of a percent of the wealthy they would know you came from outside of their class and not going to be accepted into the club by your wealth alone. The one thing we have to get over the ultra-wealthy elites is something they are doing everything they can to disrupt is our numbers. If we could all just come together as one unified people against these elites then they could not stop us from taking them down. But that's not likely to happen is it? We are kept splintered into little antagonist factions at every level: Politics, race, gender, coke vs pepsi, you name it, the elites are behind all efforts to label us and wall us off from the one thing that is more important that those manufactured labels and unites us all into one massive collection is our status as human, non-elite. Or what I wold call human, if you allow me to consider the "elites" as non-human. They seem to lack humanity so I think it applies. Keep up the fight and don't let the bastards keep down my bother.
Reminds me of some lyrics from dude named Daylyt
"Who all up on the deep web? My P.O. , yeah we know"
Yk the british empire and its network of financial monopolists were the ones who invented global narco and human traffick.
They been laundering money from all that sht before it was even illegal .
You best bet their successors the globalists are profiting from and enabling all the criminal sht that goes on on the dark web .
😂
That's what they want
Nice video Dave. But strange you're not discussing Tails OS. Get a cheap or second hand laptop with 8Gb RAM (the more the better), a bootable USB3 port (almost al laptops from five years or younger have that) and a USB3 thumb-drive and you have a quite quick anonymous machine....
can u tell me more about this?
“I don't know why people are so keen to put the details of their private life in public; they forget that invisibility is a superpower.”
- Banksy
So true👑
My space?
Boom!!
Absolutely love David's channel and wanted to add to the OPSEC recommendation of not carrying your personal phone with u to buy a burner- even more important than that caveat, one must NEVER carry around both your personal and burner phone with u at the same time. Any 3-letter or law enforcement agency can create a map of date & time where both your devices are pinging the same celltowers at the same time, thus tying u to the burner with circumstantial evidence. I like to think of the personal cell and burner as your wife and mistress, both should not know of each other much less be in the same place at the same time. And no, this wasn't a reference to infidelity...stay safe
Yeah, and leave the burner on airplane mode unless you actively need to use it. IMSI catchers are deployed at most protests these days, if your phone isn't reaching out to cell towers it won't connect to a Stinger either.
Faraday bag?
@@Si74l0rdairplane mode 😂 bless your precious heart. like covering your eyes and thinking cant be seen
@@x1k790shh dont tell all these criminals about that or tin foil. let em use “airplane mode” 😂
@@Hshjshshjsj72727 not aimed at criminals, just pointing out a method of safety ;)
My motivation to keep fighting for my privacy is that shit might not happen now, but in the future when my life is a lot more meaningful to me, they might also be a lot harder on how they control us. I hate being controlled, so I decide to learn and do now so I can be ghost later.
1000%
And this "guru" is not very smart. A lot of gaffes. @bulliontoy. Yup: Doesn't use filename completion. Doesn't know it's not necessarily a bug to not have a (public) IPv4 address when on TOR.
And how exactly are 'they' controlling you? By forcing you to do mainstream things like going to shop, or doctor, or work? 🤣
@fifski exactly what a mind controlled person would say 😂
@@LeeeerrrroooyJennnnnkins LEEEEEEEEROOOOOOOOOOYYYYYYYYYYYYY HHHHHHHHUUUHHJAYYYYYYYYYNKINS
In the uk, a guy gets stung for trying to meet children online, all while another police department are watching and gathering evidence on his neighbour who has stolen his identity, and is posing as him to meet children online - they let the innocent guy's life get demolished because they didnt want to blow their case, he lost everything - so yeah, they know if you use the neighbours wifi
I wonder if they'd know if you use some random other person's wifi some distance away, by using wireless-to-wifi relay. Imagine a battery-powered device with something like a RaspberryPi, the wifi connects to someone's wifi, and a wireless adaptor with a sim card to get on the phone network. Dial that phone number and you're using that other person's wifi from miles away.
@@ralphm6901can't tell you that, they'd have to cnt alt del you
@@ralphm6901 when they find the hardware its gonna become a lot easier to figure out who was using it
Much, MUCH appriciation to the both of you David. As a aspiring Cyber Engineer, it's like you guys answer all the little and big questions I think lol Thank you!
I know who the 'faceless ' man is - he is my neighbor 😭😭😭
Dunno wtf a cyber engineer is supposed to be but heads up OTW is a clown
@@KG-wd1uu He must look dorky to you lol
16:41 16:44 16:45 16:45
what the heck is a cyber engineer
I usually can't sit through long videos but I have to say, listening to OTW kept my attention to the very end. David, you did a great job in allowing him to share his straight forward and easy to follow info on keeping safe online. You asked the right questions and summarized in a succinct manner. Excellent!
Banger of an interview! We must have more OTW content David. Fulfill your destiny!
lol... glad you enjoyed the video! Definitely want to get him back much more often!
@@davidbombal thanks for what you do. Simply the best. you guys with OTW owe us an interview with a Ukrainian hacktivist that are defending their homeland from russian cyber invasion on top of kinetic invasion. You had an interview with a russian young dev. And this is not fair. Give Ukrainians a chance to speak out.
OTW has spoken about Ukraine a lot in our interviews. Watch a few of the interviews with him like this one: ruclips.net/video/GudY7XYouRk/видео.html
@@davidbombaloh trust me©️ we watched ALL your videos! Thanks for what you do again. Just would like to head one of many Ukrainian infosec experts from the trenches of World Cyber War 1. I think it will be a hot content. Just pinch it to him he can get someone to agree for the interview.
@@davidbombal
Another great video... The limitation of this technique, is not being able to use burpsuite for MITM and proxychains... However, adding a SOCKS TOR proxy to burpsuite, diverts outbound traffic through the TOR network... without proxychains
This was stuff being talked about 3* decades ago in the early 90s. What is being described as anonymity here, is really pseudoanonymity. There is no such thing as actual anonymity online.
I like to think of the internet as standing in a conceptual digital square wearing a name tag. You can put a disguise on and cover your name tag, but if someone really wants to know who you are, or someone who already knows you and is paying attention comes along your efforts are for nothing.
You are more anonymous in real life than you are online. So if you're looking for privacy, the ultimate hack is to take offline and into the real world everything you can.
30 decades ago, that is 300 years ago 😋
@@askfaisalmuslim Nope.
Definitely 🖊
This is the truth
Besides quality content, this really feels like a thriller podcast I'm watching. I absolutely love it.
It's funny, how I tried watching Mr. Robot around the time I started my cybersecurity journey and I thought it was a good show but started losing interest during season 2. Fast forward a couple years later and countless hours of studying pentesting, I decided to restart the series a few days ago and its way better than I remember and so many of the small references make sense now lol. Including the exit node scene from episode 1.
Right on man, you watched it on Netflix??
Yea, its funny. Seems like me, 5 years ago first time i watched it. This series is muuuch better if you know what's happen on the screen.
@@prolificseeker4778>Series about hacking and technology
>Did you watch it on Netflix?
Lol
I tried to watch it since it was techy but it was boring at the time. I'll wait when its on free streaming
It's genuinely some of the best TV of all time imo. There's some phenomenal episodes.
I’ve cut back on fun spending because all my budget items have increased. Utilities, gas and food keep going up. Summer is expensive anyway. Great video!
great interview. as OCTW said...even he...is not anonymous to some people that have resources,time and skills. great interview Dave. Great presentation. i believe you must create a course for footprinting etc. or even as an end user..if someone attacks you , some basic forensics and if you have a chance to find by yourself this neighbour ...it will be valuable.
Whoever controls the final notes controls the traffic. That's my
Golden Nugget
I think we need to shift the conversation from the ideal of anonymity to the practical compromise of pseudonymity, and just use anonymity as a benchmark for evaluating different identity defense systems. Only the designers need to dither about the Philosophy and formal logic. Everyone needs an optimally engineered solution.
I used to work in intelligence over ten years ago, and everything he says checks out. These are all things that were taught to us. I remember reading the public case file that came out after the Silk Road bust and learning that DPR used the same cafe every day to do his browsing and I was like "uhhh, classic mistake..."
This is a lie. Police in the US don't go around knocking on everyone's doors just because someone in the area hacked from a nearby IP. No judge would be able to approve such a warrant.
Yep. Unfortunately, people are creatures of habit. Unless you are willing to go completely off grid in the middle of nowhere and forego nearly all electronics it is nearly impossible to not be traced somehow today. Even if you go off grid I am sure any of the major government intelligence and law enforcement agencies will find you if they want to. Facial recognition still has a ways to go, that we know of, but with cameras everywhere these days who is to say they would find you just because you unknowingly walked by a web cam or came up on a picture someone took where you just happened to be in the background somewhere.
Maybe he stopped caring. There’s really nothing to hide from you megalomaniacs. It’s called freedom you fool
I think doing this is possible, you just need NOT TO sit in the cafe, you can just live in the city with a high population, craft a wifi cannon, decorate it so it looks not like wifi cannon, and here you go!
Yeah I couldn't work out how he thought that was a good idea, especially when he went to extraordinary lengths to keep everything else hidden
Spent my young years finding people, before internet. So Groan.
This episode has confirmed many of my suspicions and opened my eyes to a few more. Thank you for sharing some really good information. Great video from an awesome channel 👏
Arguably the best technology and security RUclips channel. You cannot find this much quality content,even if you are ready to pay for some dollars.
hes beter than most of the jerkoffs on youtube dats for sure!!!!
Another thing that's important is to never mix your hacker life with your public life. That means as an example; If your turner phone is located where your private phone usually is located, that would be a no no, even if your private phone isn't there or off at the time. Treat all of the things you use that can connect to the web or to a phone company as a node and make sure that hacker nodes have never been online in, around, on the way to or together with any of your private nodes. If they have, you can get rid of them at once. This is one of the reasons why there are schools for these kind of government operators. It's also the reason why people who are working under these kind of rules don't do much else than this work. It takes up a lot of the time each day, just to do the smallest thing.
Yes, I'm a little techtarded myself but was always concerned with the blue tooth connecting to local devices possibly showing location.
@@franciscozubillaga3241Same
It's only the black hat hackers trying to hide their nefarious activities. White hat hackers would rather be known and get notoriety that they're good and make much money.
Good news is there is whole world outside internet which doesn't care at all what happens online. Most of us forgot that and don't know how it works even.
Most trueful fact
I don't try and be invisible, but I do poison my data with many un-me activities anytime monitoring is possible. Exactly the same method for dealing with AI. They use your interactions to further train their models, so take action to break them with inappropriate feedback to the "AI".
Back in the day when email was first practical, people were concerned about NSA, FBI, etc reading their emails, so some percentage of users changed their signatures to include words like bomb, gun, and explosives in order to poison the well and make the scanning machines scan and store worthless emails as well as any that might be interesting.
@@ralphm6901 Yeah, I did that. Lots of fun to be had on mainframes back then.
I knew this from day 1.
@@ralphm6901I'm sure that really threw the NSA and the FBI off course. 😅
@@SpaceCadet4Jesus that was back in the day before supercomputers were invented and huge amounts of disk storage cost huge amounts of money, and there were no giant database indexing engines. Desktop PCs commonly ran on 8" or 5.25" floppy discs, and if you bought a really expensive PC it might come with a 10Mb hard drive. The theory was that the more traffic they captured, the more the system would be bogged down and the less useful it would be. These days, that's no longer true. Anyone can go online and buy a 14Tb (or larger) drive to add to their PC. Government agencies have petabytes of storage and fast search engines to process it.
This is so interesting and informative! I’d love to hear more about using Linux as I’m a newbie :D this was so interesting and remaining anonymous is definitely not something you can do by purely using a vpn and I’m so glad you touched on that ! 🙌 great video
any vpn you buy is attached to your credit card :P meaning law enforcement can supeanoa it
One thing that i’ve heard about cell phones is that they can be tracked even when you have the phone turned off. Two of the safest things you can do is simply remove the battery when you’re not using it and use the phone ONLY for outgoing calls. If you’re using a device such as a tablet and you simply can’t remove the battery to wrap it industrial grade tinfoil. Not the cheap stuff you get from the corner store. It will help block any incoming or outgoing transmissions. Keep it Wrapped up at all times unless you’re actively using the device. As far as protection on a laptop. Use an old laptop without any hard drives period and boot off a USB drive running a security version of LINUX. Tales is actually a version of Linux. You can also create a custom version of Linux if you’ve got the skills running off only a USB drive. Remember the laptop itself doesn’t have any operating system on it period nor any storage devices. Folks can’t steal information off of something that never existed in the first place. And when you remove the USB device you could hide it god knows where. It could be in a hut in Brazil or in a igloo in northern Canada. Thats for you alone to know.
A lot of this stuff is very logical if you know a little bit of how the basics of the internet work (ie. DNS, IPv4, ISPs, etc). I'm just a normal IT guy thinking of getting into Cybersecurity and I spent a lot of time thinking of how to stay anonymous and I kept coming up with "nope can't trust that, or that, someone else owns it, so they can probably see it". This video really validated a lot of what I was thinking which is what I kind of needed to hear.
Thank you to David and OTW for confirming that becoming anonymous while invaluable is incredibly difficult and is really all about what's it's ultimately worth and to who it's worth considering all the breadcrumbs that become so easy to leave behind. It really takes a lot of effort, intelligence and constant awareness to stay anonymous.
Glad someone spoke clearly about the use of AI in assessing & using our data. It does seem like AI tries to think ahead for us. It does seem intrusive. Just because I'm thinking about holiday cookies, doesn't mean I want them to pop up in adds everywhere. At first it made me scared that some mind-reader or psychic was harassing or targeting me via my phone. That's just how it can really feel. Especially if "push alerts" are not controlled.
Target super store started this trend years ago starting with expecting mothers and giving out coupons
Mmmm cookies
What I like about this episode, apart from all the very useful suggestions, is the constant warnings about how how difficult it is to be 'hidden' online! This is so very true. The mention of of having multiple identities and completely different behaviors in the different identities is very important.
Note: Having different identities for social media and emails is useful anyway to help protect you from 'trolls' and people who like to 'bully' you online.
Thanks for sharing this it really is very useful information indeed. :)
Now you abuse. Harassment on multiple identity
@@Neighborhoodcarpetcleaners You are confusing me with someone else. I only use this userid on YT and similar services. I only reply to people in comments. I don't like harassment or bullying done to me. I don't do it to others.
Beware of the 'troll's. They user similar usernames to confuse real people. It is what they do.
If you want ultimate PERSEC where you'll never be caught, then you start here: buy a laptop with a gift card or cash. Giftcard should only be bought with cash and a mask on. Also make sure you made it to the store untraced by any public recording cameras where it wouldn't see your face or a license plate perhaps.
The laptop should be used with layers of encryption/VPN, and in a location far from your house. Once you have what you need, your files should be placed in an external harddrive outside the laptop. The laptop should be placed inside a faraday case and hidden away. The location you're at should also be untraced by any public cameras that could see your vehicle or face. But with the layers of encryption, it would take government hackers too long to trace the location. And by the time they do, you will have been gone for days.
@@moshedayan9253 Just buy your hardware used, why go through all that crap with gift cards
"to help protect you from 'trolls' and people who like to 'bully' you online" - just don't create any social media profile. If you can't be without one, just don't put any personal information there (names, pictures, address, real friends, anything personal). You don't need to have "different identities"
First rule, always use a private DNS under your own control.
What isn't talked about is how quickly you are identified by your meta-data.
Lets say you go to a public terminal leaving all electronic devices at home. You will quickly be identified based on how you type and what sites you go to.
How fast you type, how you spell, your grammer and more are all part of "how you type". This meta-data is so unique as to be close to a fingerprint.
Combine that with which websites you visit in what order and you are known.
He talks about turning your phone off, that doesn't protect you. A smart phone has 2 cpu's. The one that operatea the smart phone and the SIM card. The only way to turn off the SIM card is to remove the battery, which most modern cell phones don't allow.
The SIM is "pinging" (not the ping command) nearby cell towers every few seconds. This means that every devIce with a SIM is continuously located. Most modern cars have a SIM.
A sim card is not a CPU. The second CPU in a phone is the baseband aka modem
@@rpm10k. If you google "SIM card" you will find out that it is also known as a "UICC" or Universal Integrated Circuit Card. You will then find out that the UICC "consists of a CPU, ROM, RAM, EEPROM and I/O circuits."
You may also find some XRay pictures of a SIM card that show the tiny little cpu in it. Phones are starting to switch to "eSIM" cards, which just means that the separate cpu in on the phone and can be 1 or more virtual eSIM's.
The baseband processor is not a modem, although it can provide modem functions.
@@Slackware1995thanks for the info about CPU in the sim cart, but I saw an interesting line in your comment, "Use a private DNS server". What do you even mean by that?
@@Cubic_cathe meant that whenever you need to get an IP of resource you go to DNS server, which resolves names to IPs. If i manage to point you to my DNS server or hack current one, i will be able to fish your credentials from fake facebook for example. Did you catch a point?
You must not have heard of faraday bad or wrapping device in tin foil
This guy must work for the government, he's not really giving you anything that makes you truly anonymous!
I guess it is all how you individually look at it. Because if you payed attention he spoke alot on several different topics on how to remain anonymous. If you can understand what he is saying or recommending you need to learn more basic services
There is no true anonymity on the internet. OTW said all that you can only do, is place up hurdles. You can only be as anonymous as your ability to be too expensive to trace. A government who wants to find out who you are will find out who you are.
Thank you two for this interview and the hard "pills".
Also, I still stick with FF. Not only for "privacy", to avoid monopoly of "chromium" as well. Use Brave is keep the monopoly of Chromium.
Same, and with some tweaks Firefox is just as anonymous as Brave, but Brave hasn't been around long enough to build up trust with me either.
The mention of Brave feels like an ad lol. Brave has analytics (worse than Firefox). This guy seems to have pretty juvenile understanding of opsec, but a juvenile understanding is plenty enough if all you're doing is talk shows and hiding your commercial identity
@@luphoria It's good say "I use Brave" but actually I use a Chromium self-compiled by me"
@@luphoriaok.... so direct to something better.
Librewolf is the Brave of FF
These statements about whoever controls the last node on a Tor circuit, controls the network, is in sharp contrast with Dr. Mike Pound's(who appeared on this channel) video on the Tor network. Dr. Mike Pound states that if you control the last node and the Guard node(the first node), yes it's possible but VERY VERY hard to work your way back to the originator of the traffic sent. Occupy the Web makes it sound like it's could all be done from the exit node. This is blatant hyperbole and sensationalism. Dr. Mike Pound is one of the premier professors on the subject. I'm more encouraged to believe him over anyone else. Also, If the Tor network was that easy to compromise the identify of people just by controlling the last node, it would be useless.
100 % bro. OTW bends the facts a fair bit. Like all his facts
I worked for a security company for a while.
Some of the guys there used to host tor nodes specifically to monitor the traffic in order to see what hackers were doing now.
Just to keep ahead of the game.
In fairness to this video. He didn't claim that controlling the exit node gives you the user's IP.
But like he said, that's only one way to find you.
@@hunglikeahamster How does hosting a Tor Node allow someone to see what "hackers are doing"? The traffic is encrypted and those people would NOT be able to descrypt anything since they don't host the node before or after the one they are monitoring. What information are they going to decipher from that monitoring??
One of the best shows, by far, that I've had the pleasure of watching. He presented so much honest and factual information that one would be neglectful for not heeding his advice.Very good show, David and I look forward to more in the future.
Thank you David and OTW . I have already received the the books you mentioned. Best teacher and best IT youtuber. Waiting for more episodes like Pegasus.
Thanks for your information and knowledge.
What is your opinion on the theory that the more you try to “hide” (no social networks, no unencrypted traffic and alike) will actually make you pop up in certain surveillance monitors and makes you a special target?
According to this theory it would be better to simulate a “normal life” and hide only specific traffic in there…
Well, if we include the IOT Internet of things , you could mask highly sensitive data in what looks to be FOB/ GPS tracker / babycam type of traffic, e.g. mimic the packet size and frequency of transmission to match such devices. Depending on how much of telemetry you can disable from sending then not actually connecting to social media or Google ID trackers would be in line with IOT devices comunicating over the web. But yeah, if you don't know how to fully disable windows and browser telemetry AND it appears you're generating traffic that avoids connecting to Google & Facebook servers then that in itself could be considered highly suspicious because most people wouldn't know how to disable traffic to these platforms
I think that's absolutely true. And this will only become more relevant as AI and surveillance increases.
@@picketfThey have loads of experience detecting and breaking steganography. People have been trying that one for decades.
Its too late... any change to it NOW is not gonna make it better. Info is already on the internet... That is not gonna get rid of
Even if you go to the extreme and change names, address and what ever else could be changed in reality (excludes DOB), it still won't change anything that is online before the change was made... I guess, it would limit finding out, but these days if the governments want to profile bits and pieces of people, they will have no problem doing that. There will always be some ''key' piece of info and evidence they can get hold of "Peron X just changed their name to Y" so there is a link we can use..
You really only get one chance, and from then on it will never be the same.
thats the point with ppl tweaking their browsers to be "absolute anonymous" meanwhile EVERY website says bro just use the STANDARD browser settings with some addons and thats it.
Cookie is a a euphemistic rename of the word "tracker." Cookie = tracker.
It's not, without cookies a vast amount of the web needs significant rewriting to maintain functionality. The only way you could say that is if you considered logging into a website a type of tracking too.
Wild, I was JUST pondering this very question two nights ago. I've used Tor on and off since maybe around 2007 and since then, I've become a sysadmin. I'm always thinking about cyber security and how I can improve it. I figured the NSA pretty much had a handle on Tor. Good info in this vid, thanks!
I would not be surprised if NSA and every other national spy agency has at least one TOR node.
I think that it might be impossible to be anonymous, because at the Hacker conference we talked about a lot of other things, VM's,Screen Size, hardware heuristics, browsers. And the US three letter folks can crack all of these. The speaker was hiding from Russia and other cartels that his jobs was to attribute crimes to. He said he could not defeat the US cyber hounds. Even if you beat them, your traffic is the only one that is Anonymous. You then stick out and they can watch for that traffic. Hiding in plain site is the concept that would be the best chance of obfuscation. And staying on the move. And like the guest mentioned using starlink. And please don't do bad things in cyber space. Thanks for the great content.
And how do you suppose you're going to pay for Starlink? With an obfuscated credit card?
I wouldn't trust Starlink, or anything coming from Darpa-Musk...Research in depth. As per Duckduckgo mentioned in this video, it was OK until Google bought it.
So in a nutshell, the only way to stay 100% anonymous is to not use digitally networked devices.
David's content should be getting at least 10k likes. He is literally giving out paid information for free.
He is actually not giving away much information. He just goes on and on about how "they have other sources than the IP-address and so on". He doesn't get into what other sources - only that you have too understand them. This seems to be more of an hour long ad for his books and him.
@@carstenjensen3123 he's pushing protonmail, that's enough for me to switch off
Nah, this informations arent really that special.
@@atorik1076 *information
I agree with you bro he should have 10k+ views always as his content is amazing! But I gotta ask what is paid information? If you mean that others have taken the information and packaged it into a course to sell. Then he doesn't sell courses it's more like a show. Also, all of the information is available for free, and has been for decades, online. Actually, if you want to learn more in depth dude, continue watching David because he is great! Lol but also, follow some documentation that you have to read and do actions. Make a target and figure out how you can achieve 🙃
I just want to tell you OTW, that you are a great source of information and knowledge. I now understand how dangerous is the web.
Please keep giving us more feedback on forensics/wifi hacking/ tracing bitcoins and tracing scammers!!!
On a dedicated flash drive, run a trimmed OS, custom configured for only the interface you plan to use. Complete with only the drivers for the exact devices installed, and any additional drivers for hardware you might use. Cut the OS to the BONE. Pre config to he is your swap file, set to a second flash drive, yes, a separate drive, not a separate drive volume on the same physical drive. Use Tor or another alternate connection method,, ( if using the neighbor's wifi, use at least 3, hopping thru three different homes, ideally choosing neighbors w/ 3 different ISPs ,)then running the chain link, then, share your connection to a secondary device, connect to the Internet thru the provided link, then , run tor, run chain link...profiles are the key. Create profiles of people who naturally would be searching for what you'll search for. Health- a mother, "how to.." a tinkerer, a 'maker", a jr reporter. Don't forget to make a few with your same name, and build them up on social media. Because they know you exist. You HAVE to be on the internet SOMEWHERE, right? Or dead....
An even better method would be to have multiple usbs with a cut back os that you cycle through or have multiple custom images configured with different browsers and different apps to create a new fingerprint. From there ideally you connect to a computer that's in a botnet and running a vm for additional anonimity and you wipe those vms after and connect to a different machine in the chain later. From there a tor network/i2p for yet another layer but that's probably too extreme for the average user.
Needed all the content that he tells in this video to learn for free. And thanks for uploading the important information for learning. ❤
2 million soon! Can't wait to see what you have planned! Congrats David. You're awesome.
Thank you very much Owen! Hopefully be soon :)
How David still doesn't have 10M subs is beyond me. I subbed when there was like 500k, and I am very happy to see him having nearly 2M, and proud to be part of this community of secure conscious folks.
You don't have to be networking engineer or even IT. Just realize that big part of everyone's life today is in the internet and you should be interested in this topic.
Thank you!
@@nieczerwonyhis Udemy courses are actually really good to
I’m super critical when it comes to seeing how someone “moves” around the file system using the terminal. I hope he was being deliberate about everything just for the sake of being clear to people watching because it was telling if not haha
I love what you do boss , always I have to come to your channel at least once a day , one of the people that making change for the good in this world . I really have an immense respect to you Sir .
David Never fails to deliver Great Cybersecurity Knowledge! Thanks
I'm someone who greatly values privacy and take many measures to protect my privacy. I don't do it because I have something to hide or whatever. I do it because I find it greatly disturbing the amount of data these companies are harvesting off me. Also, even if you claim to have "nothing to hide" and that's why you don't care about privacy, you're putting yourself at risk by potentially getting framed or arrested for something you didn't do, all because you're in a vicinity of the actual culprit or you simply look suspicious or even just look like the actual guy people are going after. There have been plenty of real life cases where unsuspecting innocent people are getting charged for crimes they didn't commit.
That being said though, I'm not someone who's aiming to be completely anonymous. You have to sacrifice far too many things, I'm not willing to give up. I try to strike a healthy balance between convenience and privacy. Even just doing the small stuff can make a big impact. Like using a privacy respecting browser on top of using privacy enhancing extensions, or using a trusted VPN like Proton VPN or Mullvad VPN. If you're on Windows and don't like Microsoft spying on you, then you can harden Windows by using free tools and disabling all the telemetry they're gathering off you. For even more privacy, you could go with a privacy respecting Linux distro. Speaking of OS', you can install a privacy respecting android OS on your phone. These things for the most part are pretty small, but they all add up.
KI?, Qubes and GrapheneOS!
Occupy the web is amazing. Listening to the two of you on the stream has been one of the best streams I’ve ever listened to. Great content David.
Ryan doesn't know that there is no agreed standard for encrypting mail sent between ISPs so it all goes as plain text. Protonmail can see everything without the need to decrypt anything after they encrypt it for users. Law Enforcement love it.
He confused End2End with Encryption2Server. This is a common mistake.
@Israelisnotourfriend actually, if you missed it or you had already stopped watching, at 50m 50secs on the video timeline you will find them telling what OTW would suggest using as an alternative browser solution@Israelisnotourfriend
@Israelisnotourfriend
They said the alternatives, you just didnt listen.
And its not about "dont use them"
Its about "dont use them if you want to remain anonymous"
Most people dont care about their anonimity, which is fine.
@Israelisnotourfriend so it really does not matter, when it comes to your privacy. They did say don't use Chrome. As an alternative
I like the way that you gather things for good purposes and you do. It encourages me to see any video you create, Sir. I highly appreciate your work. Keep going on.😊👍
Wow, I unfortunately was the last generation as a kid that didn't have internet. When I was 7 i had my 2nd major surgery for a serious heart defect at birth, I had a tutor and was very smart, I seriously still remember my 2nd grade teacher's name b/c I completed all of the assignments she gave my tutor. I got to school in October and My class was on Long division and double digit multiplication , long division. I wasn't. I tried so hard , My big brother was in HS and homework would 6 hours 3 of which crying. Teacher said I wasn't trying or disrupting the class and put me behind the filing cabinets. ( i was on high school reading & writing level and my grammar was far ahead of a grade school kiddo). They wouldn't keep me back and that was their error, They kept passing me through grades even though I sucked at math & science since 2nd grade, I begged to be kept back. Most of my friends were one or 2 yrs ahead or one below, ALGERBRA KILLED ME, and I struggled with geometry. I just stopped going to classes b/c i liked algebra and with my brother I could do it but w/o at school the teacher called me a pot head. We got computers and were on Dos. I to this day understand what you are saying completely but have no patience b/c my accounting math is to the penny, I think it's because NO ONE HELPED AND I ASKED. WHEN WE GOT COMPUTERS IN HS. DOS SYSTEM, I HAD ONE YEAR AND MY BROTHER HAD MOVED OUT WITH HIS FIANCE and my home life was so messed up I spent 2/3 of that yr with my best friends family and was put in senior math, The teacher pulled me aside and asked all the right questions , He went through my records and knew I was in rock bands playing adult venues since I was a kid, I had had a scoliosis brace for 4,5 years as a result of my two open heart surgeries which done differently for aesthetic reasons 90% of young girls had to be braced , not all followed the directions or wore theirs, My Mother caught mine young but technology wasn't then what it is now. He pulled me aside about two weeks later. I was a day dreamer, on drugs, didn't pay attention, and many other behavioral issues were in there, along with school psych evals that didn't match up at all to statements made by half of my teachers and no one looked at the ones from classes i aced. He WAS FURIOUS B/C he found that I had been ambidextrous and forced to use only my right side , had photographic and eidetic memory last checked at in grammar school and serious dyslexia post 2nd heart surgery. None of which was used to after how I was taught, He went right to my computer teacher after he and I talked and I ended up in tears and between the two of them luckily because Intro to 'computers was new it was Pass or Fail, she passed me through so I could go to math with him for senior math but instead of computers and during MY LAST SEMESTER I WAS IN HIS FRESHMAN MATH FUNDAMENTALS. I did horrible in computers in College but was only until I could change my major. Im definitely one who learns by all my senses and I know Govt & Politics like back of my hand. and One math teacher is reason that I passed math part of Real Estate on first shot and was a nurse who had no issues with medical conversions. I am glad I found you.
I really enjoy these podcasts, when i have long drives i always put yours on. Thank you for doing what your doing David. Im really excited about the Pegasus video. All the best!
One thing I've kind of been concerned about (although I personally don't have anything to hide, but stay anonymous anyway) is communication analysis.
Especially with how much more more work on AI is occurring recently (but even really before that), it seems quite easy to have a bot go through vast amounts of scraped data (be that on a relatively private chatroom, or public website) and analyze their writing style (or voice when applicable) and tie it to other accounts which would otherwise be impossible to tie together (due to taking extreme privacy measures).
I would expect that government orgs would have this tech, but I'm surprised that I've never heard about it, because we've had this capability for well over a decade, easily.
I'm wondering when it might become more common and/or when privacy-minded or paranoid people start using AI scramblers to re-word every single thing they say.
All the same: you can train AI to re-write your text as if someone else (say, a celebrity) wrote it. Needless to say they won't be able to reverse what you wrote at that point, nor would they assume the celeb you trained on wrote it. 😗
Tell me that you use an ad blocker, without telling me that you use an ad blocker. Hello, never heard of Grammarly? It's pointless for you to do all this 'hidden but not hiding' schtick if it's gonna make you draw the whole 'ACKSTUALLY...' crowd right to your door stoop.
@@DxBlack Until the time they write AI to filter out the influence of AI rewriting.
@@HighestRank well, all i'm picturing now is Americans in the 1938 running of "War of the worlds", scared of Alien invasion, only to turn out, it was a "British radio broadcast" 😆 The similarities with that ,and privacy is uncanny.
every American should hide every single byte of info from those demons at Google & the nsa!
The NSA also has a free reign in the Five Eyes countries. I learned that when I joined the New Zealand Navy a long time ago.
Love seeing OTW on the channel! Great interview and information, thanks so much David!
Great info. One counter argument - An anon VM is way easier to quickly/cleanly nuke and dispose of than a separate HW rig is.
But your VM still carry your own MAC addr. Therefore your computer.easy to compare. Unless you will flash the network adapter (not all can be changed)
@@martinberan2136unless the vm is running in the cloud and you wipe the vpc it runs on after. Ideally you're also connected to it with a solid vpn/dns proxy
After studing this mans voice patterns. I have come up with the strong conclusion that this man is Norm Mcdonald. ;)
Mr. David I absolutely love your shows and try to do my best in viewing them all. I'm kinda new to this field but have found it to be what you could call an obsession/passion in everything to do with hacking. I've never heard of OTW and find him truly fascinating and informative. I appreciate all your efforts and the things you share with us all. Maybe you could have him or even yourself doing a show on AndroRAT, Android-RAT Hawkshaw, Dendroid, HaxRat, LaRat, Mass-Rat, Teardroid-phprat and WH-RAT. Maybe all the RAT's? I apologize if you've covered these already. As I said, I'm new in this field and to your channel as well. But thank you none the less for all that you do. It's greatly appreciated.
Don't play with RATs if you're new to hacking
I think it would be a good idea ro invite some of these scammer hunters, and ask them few question on how you can really try to track them.
These guys are really like the cancer of the internet, and unfortunately most often are placed in countries with corrupter gov and police.
I think if more people would know some basic tools and techniques to make their life litrlebit harder, it would benefit everyone.
Seems like this guy is really smart one second, and BSing the next. Maybe it was just me picking up on that vibe. It kinda caught me off guard when he mentioned arch as a privacy distro, and when he was showing us a terminal tool, but couldn’t tab complete the config file. Also… brave?! That’s one of my last choices for a private browser. It’s based on google chrome (chromium), and is made by a company I find creepy. Not to mention the fact that he suggested starlink as something that helps your security! It’s just as identifying as a normal internet connection with the info it requires, that’s simply no better.
Than why arch Is not Good for privacy?
what is best browser is your opinion?
Finally somebody with brain :)
I scrolled the comments A LOT longer than I should have to find a comment saying that.
Haha the failure to use shell auto-complete was painful to watch.
Half his advices are phony, an the other half are missing nuances.
Adding a few things:
- ProtonMail as the best mail provider ??? No mention of anonymous tor mail providers?
- Try to refresh the ip address site to get a new IP, does not know that tor circuits are reused per website/host?
- edit a config file in an obscure GUI text editor?
@@distinct_mind answer is the question ... what browser is used in hacking distros? 😆
I have to say something about turning off cookies or services. Those are only visual representations that seem satisfying to the end user. There is absolutely no guarantee that choosing any of those options does anything at all. It could be easily programmed to show a graphical slider showing "off" while literally not affecting the coding underneath. Even a Visual Basic programmer knows that progress bars are totally fake.
46:42 I'm surprised he didn't mention OpenBSD, which is known to be the most secure BSD operating system, even more secure than HardnenedBSD, which is more or less FreeBSD with a lot of security patches...
This is my favorite RUclips channel. Most informative and thought provoking hands down.
Always high quality content, so happy to see Darth Sidius back on here, great interview, thanks for the great videos
I don't buy FBI's neighbour's WI-FI argument for several reasons. Instead the claim is constructed to spread fear, uncertainty and doubt. This is often enough to deter criminals from doing nefarious things. Moreover if suspicious activity is emerging from an IP, they have to thoroughly test the theory that it's not actually the IP's owner who did the malicious thing. With that aside, sure, it's a nice idea to knock on doors. But if the police knocked on _your_ door checking on "nefarious internet activity," would you tell them outright that, "Ya, sure, it was me! I hacked into the neighbours Wifi. Here are muh hands, just cuff me nauw pls!" Not very likely.
Ive seen special antennas that can reach WiFi routers 5 miles away only for 300 dollars. Not a bad distance at all and definitely not next door radius.
you should look at what a device does when looking for wifi networks.
They likely have additional information already they are trying to match. Aka, someone uploading inappropriate stuff and they find the subjects depicted at one of those nearby homes and the content has interior footage that can be matched to the home. I doubt it is a matter of just asking people to confess to crimes.
I have wasted several minutes trying to find someone who would think the same way as I do. The moment they say "it's 100% certain they will catch you," it already demonstrates how false it's being.
If you're going to live in a city with tall buildings resembling beehives and you get yourself a good antenna, I'll bet you whatever you want that it stops being 100%.
Furthermore, I don't know where this person lives, but in my country, without a judicial order, they can't enter your house. Do you know how much time they would waste searching everything?
It's true that many people have committed cybercrimes, but you don't need to be intelligent to do it either. The people who are truly intelligent continue committing crimes and they haven't been caught. So, getting back to the topic, that 100% is completely false.
@@GerardSalvathere is no anonymity in the internet, Tor is not anonymous, most exit and entry nodes are controlled by fbi.
As always good content, I'm impressed with you I really like your videos usually with videos longer than 10 minutes I watch them between days but yours almost always keep me engaged.
Thanks for all the great videos. Excellent content and guests, you know who, for example.
I’m almost 50 and I regret, every time I log on the a piece of tech, that I didn’t try to learn Linux when it first hit the scene.
My concern now, has to do with Microsoft , adding the WSL functionality to the stock options of Windows. When you read the user agreements that are buried along side and pertaining toWSL, it seems that it was not a benevolent decision to allow Windows users to access Linux. I hope someone looks into this because Microsoft doesn’t do anything for free. And the way the new user agreements ( that no one reads and blindly agree to) seem like the position Microsoft to take ownership of anything the may be created under WSL. I hope I’m wrong. If not, I hope someone brings it to light.
Thanks again!!
Linux is not hard to learn to use. It's a pain to troubleshoot though.
All the steps you have to go through to ensure competent anonymity doesn't seem to be worth the effort to hide yourself from unknown entities who have the power to easily find you anyways. And of course the more secure you are the less usable you will be, not to mention the slowness involved.
How come the NSA, CIA, & FBI act like it’s so hard and damn near impossible for them to bust these child SA groups and sites that organize, sell, and meet up through online platforms but they can get anyone else’s info when it comes to anything else while online in the US?
It's about authorities. First, NSA and CIA are intelligence agencies with their own individual missions. They were created for national security purposes and for gathering foreign intelligence. They do not deal with crime in any capacity. The FBI on the other hand would tackle this kind of mission. However, they do not have the same authorities/access to resources the NSA and CIA have. People already complain about the NSA/CIA and think they have too much power. Imagine if you gave those same resources to the FBI, who are allowed to target US citizens (because that's their job). From the outside it seems very simple, but I promise you it's not as easy as you think. No one wants what's happening to those children to continue - I can promise you that. If the solution were easy, it would have been done already.
Because they use those groups to compromise people they want to control. Just like they never released Epstein's guest book logs which they now possess
@@cyberchef8344 Right, they need to show they are capable of doing their job of 'finding out'
It would scare millions if they just came out with "we can easily get at them with little to no door knocking"
I refuse to believe departments don't have the same "authority".. That is the same as "Governments need out. consent before they can search and look into accounts, etc..
cause they are all siops in on causing the current chaos everyone is going through
@@cyberchef8344 I'm of the opinion none of these agencies are particularly concerned with staying within their assigned boundaries and the only thing keeping them from cooperating and sharing info is their own arrogance, hubris, and conceit.
Can you guys make a video on people search and how to OSINT other people, including yourself? Not like hide from the FBI privacy, but to show the kinds of tools and techniques someone doing the investigation would use. I think it would fill in some gaps.
Look into tools like Maltego and its transforms for pen-testing/de-anon
Hey David, thank you. This is good stuff. What is your recomended start point to be an ethical hacker please?
I would love to see more content like this but also discussing stingrays... Because stingrays play a huge role with the government tracking cellphone data... A burner phone may make no difference if being monitored by a stingray
Never heard of such term. Mind explain the term to someone who hasn't coded a single line in life?
@@axolotl2494 it's a device the size of a radio that can mimic a cell tower. Anyone nearby with a phone using the carrier they are mimicking would go through it first and then they can extract information such as the phones IMSI numbers. They can also force your phone to do a number of things such as using an older protocol that's less secure by pretending to be unable to accept the new more secure one. There's a lot they can do.
But like everything it's about layers of effort and resources. Someone would need to know your general location and pay someone to sit near you in a van and know what carriers to mimic etc.
@@1three7 Huh, never thought about such possibility as simple as it is. Thanks for the answer!
We cover stingrays and other cell phone hacking in this Mr Robot video: ruclips.net/video/UYt0r5Rw2gE/видео.html
Also you can consider running a DPN over a VPN for that extra layer. I build and mange my own network with this method. I basically hijack another ISP although this can be risky due to it been virtually impossible to control the hijacked ISP’s DATA but my own ISP is receiving nothing of my own traffic. I would consider looking into a DPN from deeper network if you want to keep it simple stupid. This technology is slowly been adopted by people such as my self. Although and this is true your never 100% secure no matter your OPSEC there is always that 1 little bit of evidence you will leave. But if you run a DPN through VPN and bridge though your own DNS and access through a secure day 1 windows 7 VM you will have very good security no matter what you do unless you forget to delete metadata from any uploaded photos or videos such as on a marketplace. That’s when you will get unstuck. Again it goes way deeper then this and I may consider writing a book
Yes, really appreciate your work guys. Please bring all those topics starting with Bitcoin tracing/anonymity.
Thanks for those amazing infor, David my regards to occupy the web am sure I will be able to build back my workstation and how about when I got a question to ask.
45:30 Wasn't there a case in 2021 where Protonmail logged a French activist's IP-address and handed the data out to the swiss police, which in turn sent the data to the french police?
I know that one can't really compare this case to "normal" users of Protonmail, but one should not forget that Protonmail (or any other encrypted mail provider) will have to comply with law inforcement, if they want to or not (even if the are not able to read your E-Mails).
At the end of the day, if the Police / Government demand details, what can a legitimate company do? The laws are much stricter in Switzerland, so that makes it much harder than in some other countries, but as OTW says... if you want to hide from the NSA or your local government agencies, you're going to really struggle. Did you see the FBI "encrypted phone" that was used to catch criminals? www.justice.gov/usao-sdca/pr/fbi-s-encrypted-phone-platform-infiltrated-hundreds-criminal-syndicates-result-massive - I see Proton changed their policy: www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
Remember, that if the Activist used a VPN he would of not been caught.
Its misleading to say that they handed over the IP willy nilly.
Not defending them in the action but yourself needs good OPSEC too
The problem with disabling cookies is some websites will actually limit functionality or even make it impossible to navigate unless you turn on and accept cookies. How do you overcome that?
I also had this thought and came to the conclusion that I won’t sacrifice my privacy to purchase from a company that doesn’t value my privacy, and actively chooses to rid me of it.
You accept the cookies and then wipe them out later.
First time watching your content - Great clip and I subbed. Reassuring that I already take most of the basic steps. I'm about to go Linux, but still need Windows for some specific things. What would you and OTW think about running Windows and Linux on the same hardware pc, but not virtually one within the other ie Dual boot/Dual signin? What are the privacy and security implications for that as opposed to running one of them virtually one inside the other? Thanks in advance.
The Mr.Robot scene was actually one of the few inaccurate ones in the entire show. The dude was running a HS, it had nothing to do with exit nodes. The actual attack on an HS is traffic correlation, that if you own a substantial part of the network to become the last relay (not exit, there are a lot more relays) and provoke a lot of traffic, you can see a spike to the probable HS. That still wouldn't give you the HS descriptor. You'd have to know that first. So the investigation would start with the site and not the network it flows to. The extreme high level of observability to deanonymize a HS outright are only available to state actors (or someone dropping a few grand on Tor relays, but that's less effective, you'd notice and it'd be expensive)
And this is why Tor doesn't like to change your routes very often, to protect against statistical attacks of this sort. That is why a simple refresh didn't change his route. You can delete the file where the route is cached if you need to generate a new route (current one too slow, etc...) but it is not recommended if you need anonymity.
The ubiquity of video surveillance (at least in developed countries) has a huge impact on this topic. For example, buying a burner phone with cash and leaving your primary device at home is great, but much less effective when there's HD footage of you buying the device, marked with a handy location and timestamp. The more this type of footage is stored in the cloud (and is therefore accessible to gov't agencies) and the more accurate facial-recognition tech becomes, the easier the task of associating you with particular purchases gets. Hell, retailers are trialing these sorts of systems themselves, so they can push ads to you in-store based on what you're looking at. So, unless you wear an "AI-proof" disguise when you buy that burner, sooner or later you'll get tagged.
True but i you ve gone to that level u can wear mask, hoodie and maybe makeup
@@birdbeakbeardneck3617 If the idea is not to stand out and draw attention/suspicion, then turning up at Target looking like a ninja is probably not going to cut it. Also, now that the pandemic is supposedly over, a lot of retailers are banning masks/hoodies etc. Makeup might work, but I'm guessing future AIs will see through that pretty easily.
@@tsundokujim exactly. If You live in an area where no one likes to cover up their face and just wearing a hoodie makes everyone stare at you in fear, and get stalked by worker staff, then how do you actually disguise yourself?
I'm trying to figure out how to buy and get burner phones and prepaid Sims sent to me without revealing my private info because no transportation and crappy taxi and uber services being unreliable makes it hard to go out and get stuff.
But how do you find s way to get it delivered to different address and keep your info private?
Is complex to find him on the net but David you can find him easy 😅. Nice work, i watch you ever, great material!
Some useful info not mentioned: A potato chips bag with a shiny inside works well as a Faraday cage (if in doubt test it yourself). Also, just having your phone off in some cases is not enough. Because if you are being targeted your phone can be remotely turned on to eavesdrop (unless it's in a Faraday cage).
remove the battery and sim card every time after use, the NSA can track phones turned off,
I learned that from that movie Enemy of the State with WIll Smith. If you never seen the movie, watch it is a real good movie. Despite the fact that you might like or dislike Will Smith.
@@fsohrabiGreat movie.If you listen to the background newscasts, it predicts the Patriot Act.
Potato chips bags is mostly made from a thin layer of Mylar .
A Faraday bag is what you want to use
Why do you think you can no longer remove easily your phone battery anymore? So that even if you turn the phone off you can be traced by remotely turning it back on.😉
In now-days world it is practically impossible to stay anonymous. There huge number of cameras outside and every computer transaction is logged on multiple of devices. If you want to stay anonymous then you can kind of get lost on crowd for moment. But it is only matter of time and resources poured on searching when you get tracked. Best way to be anonymous is not to do any major things what other people do not like and/or have powerful ally to protect you.
My favorite thing to do is have a open network to just see what people do. Always fun to look
14:30 surprised he didn't mention Brave browser's option to block cross-site cookies here.
By blocking only cross-site cookies (and still allowing same-site cookies) you can prevent websites from profiling you, without sacrificing functionality in the vast majority of cases.
28:40
or Firefox, which also pisses off Google so win-win-win.
@Merble Sure... But firefox developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation.
Occupy The Web is a guy I could see myself having a beer with.
But neither of us ever will unfortunately as he is totally anonymous...
If you could find him lol
@@davidbombal Hmmm, well if I were to ever be blessed with a job offer from the NSA... It would be good incentive to accept, if for no other reason than to grab a beer with OTW 😊
@@thedapperturkey I'm nowhere near that good...lol
lol... that's a great comment James!
You did mention this but still: There is no such thing as truly being anonymous or safe. It's all about making it as hard as possible to find you and hoping that the person or thing trying to find you will not have enough knowledge or motive to find you.
I'd love to hear his thoughts on the additional security of using a Virtual Browser for secure surfing (Network Chuck created the concept and made a video on it).
It still has to traffic the data such like a proxy.
@@bradley1995 no its worse- It's streaming the entire chrome or firefox browser to you, they can like actually record your screen and keypresses even if they wanted.
just ask him yourself. order and cancle a book of him you will get some information from his bank and business
He did not create the concept lol
@@russellstall169 pretty sure i saw some failed startup try to stream chrome into chrome before, and before that even there was the puffin browser that would stream chrome in order to allow flash to work on mobile.
David, you should be proud for putting out such content!
hes good , beter than most
My friend was a cashier on a store and after a group of guys purchased a multiple "pay as you go" SIM cards, the police in civil clothes came in to the store and wanted to see what was the purchased SIMs serial numbers or something like that, obviously the were tracking these guys that were probably drug dealers and were about to tap their burner phones. So I guess even those kind of burner phones are not entirely secure.
Well you know wanted keep drugs out of any country they could but they also know
😊 we were populating to Quick
Oh, OccupyTheWeb, amazing dude! Love his content. I'm now reasing his Linux basics for hackers book and learning from it, definitely a must read. Thank you David for giving us the oportunity to again listen to him.
Agreed! He's amazing. You're welcome! Hopefully we'll have him back more often!
@@davidbombal I hope so, would be quite cool to see him more on these kinds of shows
How can David's guest be anonymous if he doesn't mask his voice? Anyone who knows him personally can recognize him. Or even if he uses software to mask his voice, how can he be so sure that the output of the tool he's using can't be reversed to reveal his true voice? Or maybe the guest actually types out his answers into software that reads text out loud, and the interviews are edited to give the appearance of a fluid conversation? At 4:19 he says that from his American accent it's obvious he's from the US, so either he's using his real voice, or what he said was just to throw people off.
Yeah, this does have a SNL skit feel to it. The guy may have been active in the past, but he's a consultant now making $ off of his past.
His voice is ran thru a masking program. Saved as an audio file. Then ran thru an AI program. Saved as an audio file. Ran again thru masking. Rinse & repeat dozens of times. It’s so far from the original by then.
@@abc123def98
Hi. Thanks. But he's replying to David real-time, which means David knows his voice, doesn't he?
@@abc123def98 Haha, first time I've considered that, nice strategy considering the accuracy they can use to identify you through this these days.
Plus, he has wrote many books. How does he get them published without revealing his identity? Is that possible? I don't know lol
Dude, the second a book like that is on the market, the vulnerabilities get fixed
Most if not all of these measures are highly flawed and depend on assumptions.
I love it! xD
There is some misinformation / bad advice on some of the topics, e.g. the subject line in ProtonMail is not end-to-end encrypted, only the content and attachments.
Isn't the Proton Swiss? They are pretty much against the US laws
I noticed some weird opinions / wrong terminology in this video as well
The MR. Robot reference is wild😜
when bad people exposing themselves out in the open in broad daylight proudly doing bad while people against them has to be shady, creeping, tip toeing in the dark like thieves. upside down world and you comply
Comp lies what are you a token pump? Got bit coin golden beaver local.
Pump up the volume. In the movie he used the neighbors phone over wireless. Ahead of his time I guess.
Hope you enjoy the video James!
Well, it was Mr. Robots’ dad at that movie (Christian Slater)
@@none13666 Very true!
awesome movie and what led me to setting up my own pirate radio a few decades back..
Is it safer to set the exit node of TOR in a country like Iceland or Switzerland because of the data laws there?