Hey guys, hope you are all doing well. I don’t normally write a post such as this, but I want to cover a few important topics about personal “maintenance” of data you may store.

This data includes email content and attachments, and especially if you are using a common webmail provider based in the United States, such as Google and Google Mail. These web providers do not cherish and protect your data. They sell it, they give it up, they hand it over to the US Federal Government. Microsoft doesn’t even charge anything for it, they just give it up willingly. Google has the head about them to charge a small sum for the logs containing the IP address and date and time of every access to your email account since inception.

Although I don’t have it published anywhere here on the blog (I should, shame on me! Go to pgp.mit.edu) I do have at least one GnuPG public key hanging around out there which you can communicate with me via. Some of you do, and it is very beneficial to the privacy of our communications. However, this can all be for naught, if you do not maintain good practices, or “housekeeping”. What I mean by this is that if a hostile entity, such as the US Federal Government or a lapdog agency, were to gain access to your system and your private key, it is possible that your private communications could be revealed and any private communications you have had would be exposed.

This is especially true if you give up access to the key (e.g. on an encrypted system) because of force or threat of force against you or your family. Now I know what you are saying, “Max, jeeze, you’re paranoid. This doesn’t happen where I live. I live in the United States, Federal Agents don’t do that!” Well guy, or gal, it’s time to wake up. They do that. They do that and they can and they will. They will beat you. They will threaten you. They will carry out those threats to get your passphrase.

The point I want to make is this, good housekeeping with your keys, means that you will revoke them from time to time, you will use keys that expire, you will delete and overwrite data that you don’t need to leave sitting around.

This includes full hard drives, single files, slack space, free space, emails, email attachments, etc.

The Anti-Forensics project will be going through some changes, we may change CMS and ISP. Up to this point the project has been more of a side-project of mine, but it is more important than that, more important than a side project with shitty hosting (which has served its purpose up to this point) and a shitty content management system. I won’t let some idle (at this point) threats of seizure, shutdown, etc. stop the project.

Over the next few months, with the passage of the new NDAA 2012 bill imminent, and domain seizures being carried out by the Department of Homeland Security, I will be attempting to move data to a non-CMS system, and an ISP based somewhere outside of the Fascist American state. I also believe (maybe I am naive to some extent) that by diversifying the TLD through multiple countries that SOME threats can be rendered moot.

A consequence of this may mean that the open forum system that is currently in place (I know, no SSL/TLS) may be changed or removed forever. I will maintain this content and provide it to the public however.

Regardless, those of you who have put in hard work with me and simply through your own research, will be preserved to the best of my ability on the “open Internet.” I don’t want to move data to a darknet, most of this data exists out there on onion, freenet, and other projects. It needs to be available to the system used by the majority of Earth.

So in closing, I want to reiterate the main point of this news update. Ensure that you have kept up on your housekeeping chores. Revoke old keys. Update that revocation in public systems, so that it is known, practice good data deletion, data maintenance, etc. Do not use your unencrypted hard drive, an obviously encrypted digital device, or software device as your filing cabinet. Do not use your email account as a filing cabinet. If you have old communication that you do not require to hold, wipe it, get rid of it.

You don’t need it.

No related posts.