American Partisan: Using Encryption with Veracrypt

This practical article from American Partisan discusses the use of the program Veracrypt to encrypt data in files and hard drives. While the lead of the title is “Clandestine Communications,” there are many reasons that you might want to use Veracrypt encryption in your day to day life. I have used it in a legal setting in order to encrypt an attorney’s sensitive trial files to take them between the office and the court room. You can use it to safely store a password file. At home, you can use it to securely store photocopies of your credit cards, social security cards, firearm serial numbers, birth certificates, passports, banking information, or any other information that you want to have available, but not just sitting where it can be stolen or hacked. For preppers, you can take that same encrypted file of your important information and put it on a USB drive and toss it in your bug out bag or a vehicle Go-bag so that if you have to leave home because of a fire you’ve got all of that vital information gathered already.

Clandestine Communications Part Four: File and Hard Drive Encryption with Veracrypt is a pretty simple overview of getting started with using Veracrypt software. Veracrypt is a free (free as in no cost), open-source (free as in liberty) software program. Because it is open source, the source programming code is freely available for viewing so that the software can be audited for security holes and backdoors. You can use Veracrypt to encrypt an entire drive, or you can create a volume which looks like a file to your computer which you can then mount as its own drive. There are also other more advanced features.

Today’s article is going to talk a little bit about how to use Veracrypt in order to encrypt both a file volume and a flash drive. Veracrypt can be downloaded from here.

Once you install the program, let’s take a look at what it looks like.

I recommend you spend some time in the Help menu – particularly in the “User’s Guide” and “Beginner’s Tutorial”.

Veracrypt can encrypt your files in a few different ways. The first way is creating a volume. The volume is almost like a file itself – it can be copied, pasted, etc. It acts, in a way, like a super secure .zip file (without the file compression). The second way you can encrypt your files is by encrypting an entire hard drive or flash drive. This method in particular could be useful if you were using a dead drop system to pass a One Time Pad as you could buy a lot of inexpensive flash drives, encrypt them, and then use them in your drops.

Veracrypt also has a really cool feature that I may touch on in a later article called Hidden Volumes. Basically, this creates a volume within a volume, and each volume has a separate password. This could be useful if you are forced to open the volume at gun point. The idea is that in the outer volume you have some sensitive looking documents but not the actual files you want to encrypt. If you were forced at gunpoint to open the volume, your actual files would be safe (since they use a different password). This may be something that many of you are interested in.

Volumes

To create a Volume, click on the “Create Volume” button in the lower left of Veracrypt. Here, a menu gives you some options. For now, we are going to stick with the default option of “Create an encrypted file container”. The second option is used for encrypting flash drives or external hard drives, and the third option is for encrypting the hard drive that runs your Operating System. Click Next.

Here, we have the option of creating a Standard Volume or a Hidden Volume. Since we are just starting out, make sure Standard Veracrypt volume is checked and hit Next. Now it is time to decide where we want the Volume to be. Click “Select File”. To make it easy, navigate to your desktop. In the “File Name” line, name your file. Click Save and then Next.

The next screen is where you can choose what type of encryption you want to use. I will leave it up to all of you to figure out which one is best (to be honest, I don’t really understand the differences so I am not going to give you a recommendation – if you do, throw it in the comments). Once you do, click Next.

The next screen is where you get to decide how big you want the file to be. For this example, I am going to go with 1 GB but you can choose whatever you want (think about what you are wanting to store in it and use that as a guide). Once you decide, click Next.

This screen is where you create your password. I have two rules for you to follow: 1) use numbers, letters, and symbols, and 2) use capital letters and, if you want, spaces. A great way to get a strong password is to use a password manager like KeePassXC. I actually don’t have one set up yet, so I will be doing a future article on how to do that as well. You can also use keyfiles, which is like selecting a few different files you already have to use them as the password. It is not my favorite way of doing it, but YMMV. Once you have your password entered, click Next.

The next screen is very important. You are choosing both the filesystem you want and generating the random pool to make your encryption stronger. I generally tend to use an NTFS system because FAT filesystems don’t like files over 4 GB, but again do your research and choose the filesystem you want. Then, move your mouse as randomly as possible inside the window. You will see tons and tons of characters in the “Random Pool” area. Do this for at least 60 seconds, but the longer the better. Once you are done, click Format.

Once the formatting is done, it is time to mount your file. Go back to the first window that appeared when you started Veracrypt. Now, click on Select File on the bottom right. Navigate to your file and select it, and then select Mount. Enter your password, and select OK. Once the file mounts, you can go into Windows Explorer. You will notice in your hard drive list under “Computer” on the left hand side, there will be a new hard drive. In my case, it is Local Disk (J:) as we can see the size is 0.99GB. You can now click on that and copy your files in! In order to dismount the volume, just select it again on the main screen of Veracrypt and click “Dismount”.

Flash Drive / External HDDs

To encrypt a flash drive, begin once again by clicking “Create Volume”. This time, select the middle option of “Encrypt a non-system partition/drive”. Click Next, and you see that once more we have the option of creating a Hidden or Standard volume. For this, I am creating a Standard Veracrypt Volume. Click Next.

Now, instead of creating a file, you are selecting the flash drive or hard drive you want to encrypt. Once you select your drive, click OK. You are given two options for the Volume Creation Mode. The first one is for when you have no files on the drive and want to encrypt it more quickly. If you choose this option AND you have files on the drive, they WILL be overwritten and lost. If you have files on the drive and you cannot or do not want to take them off, choose the second option, “Encrypt partition in place”. I have never used that second option because I am terrified something will go wrong and I will lose my files, but YMMV. Make your selection and click Next.

Just like creating the volume, select your encryption algorithm and click Next. Verify that the size on the screen is really close to the size of the drive you want to encrypt (in this case, my flash drive is 4 GB in theory and in the above picture we see it is 3.7 GB, which matches closely below which says 3.65 GB). If it is really off, go back and make sure you selected the right drive to encrypt – this is really important. Once you verify it is correct, click Next.

Once again, create your password (DIFFERENT FROM YOUR FIRST ONE – NEVER REPEAT) and click Next. The same rules from the Volume section apply to the password. Now choose your file type and click Next (again, I personally use NTFS). Move your mouse around in the box again to randomize the Heading Pool and, once you are done with that, click Format.

In order to Mount the drive, you can select what letter drive you want to mount the volume in and either 1) Click “Auto-Mount Devices”, type in the password, and click OK, or 2) Click “Select Device” and choose the device on the screen. Then, access the drive just like the volume and copy your files in!

References

https://securityinabox.org/en/guide/veracrypt/windows/

https://www.veracrypt.fr/en/Beginner%27s%20Tutorial.html

https://www.veracrypt.fr/en/Plausible%20Deniability.html

CISA: Alert for Potential Iranian Cyber Attacks

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has issued an alert to be prepared for possible cyber attacks on infrastructure. It may be a good idea to have some cash on hand and keep your fuel tanks full in case a cyber attack were to prevent payment processing systems from working for a time. Be on guard for suspicious email links and attachments. Make sure you have backups of important data in case a cyber response takes the form of a computer virus/worm/trojan that damages or destroys files or filesystems.

The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the United States and Iran’s historic use of cyber offensive activities to retaliate against perceived harm. Foremost, CISA recommends organizations take the following actions:

  1. Adopt a state of heightened awareness. This includes minimizing coverage gaps in personnel availability, more consistently consuming relevant threat intelligence, and making sure emergency call trees are up to date.
  2. Increase organizational vigilance. Ensure security personnel are monitoring key internal security capabilities and that they know how to identify anomalous behavior. Flag any known Iranian indicators of compromise and tactics, techniques, and procedures (TTPs) for immediate response.
  3. Confirm reporting processes. Ensure personnel know how and when to report an incident. The well-being of an organization’s workforce and cyber infrastructure depends on awareness of threat activity. Consider reporting incidents to CISA to help serve as part of CISA’s early warning system (see Contact Information section below).
  4. Exercise organizational incident response plans. Ensure personnel are familiar with the key steps they need to take during an incident. Do they have the accesses they need? Do they know the processes? Are your various data sources logging as expected? Ensure personnel are positioned to act in a calm and unified manner…

Click here to read the full alert at CISA.

Related:

Iran Fires Missiles at US Troops at Ain Assad Airbase in Iraq

Forward Observer: The Coming Cyber 9/11

Yesterday, Glenn Gerstell, the general counsel of the National Security Agency, published an opinion piece in The New York Times – I Work for the NSA. We Cannot Afford to Lose the Digital Revolution. The subtitle was Technology is about to upend our entire national security infrastructure. Today, Sam Culper, intelligence analyst at Forward Observer, has a short video out about the piece and its contents titled The Coming Cyber 9/11. In this video Sam Culper discusses the warnings and what could become a cyber 9/11.

Among other things, Sam Culper summarizes Gerstell’s warnings:

  • The government will be ineffective at handling all of the technological threats as opponents are becoming more and more “peer” rather than “near peer” adversaries.
  • Systems disruption could, and likely will, occur at any time.
  • Big tech companies will become more powerful than actual governments.
  • The effects of rapid technological development could upend governments and societies.

Related:

Al-Qaeda Chief Issues 9/11 Video Urging New Attacks on US, Europe, Russia, and Israel

CSG: Welcome to the Panopticon

Combat Studies Group has a comprehensive article up about choosing a secure chat/messaging application in this time of increasing governmental and corporate excess. It’s a long read, but if you are interested in your privacy you should give it a read. If you don’t understand what he’s talking about, then this is a starting point for your electronic privacy/security education.

Welcome To The Panopticon, or “How I Learned To Stop Worrying And Love Information Warfare”

So it’s 2019……and so far we have:

– Twitter, Facebook, Youtube and the like, de-platforming or censoring any content that leans towards the right or conservative side.

– Amazon, Google, Apple, Microsoft, et al, doubling down on collection of people’s data.

– The US intelligence apparatus convincing major hotel chains (Marriott for one) to collect information and report on hotel guests (for the most trivial of “abnormalities”, if one can call them that).

– Amazon working with law enforcement to implement widespread facial recognition gathering.

– Those nifty DNA/ Heritage testing sites have been caught giving your DNA to Uncle Sam.

– Cellular providers selling your real-time location to anyone who wants to buy it.

– The proliferation of “smart” devices such as Alexa that are always listening.

– Web browsers screening the news you search for and only letting the “leftist” slanted news through.

I could go on for pages and pages, but you get the point. One needs to become aggressive to secure their privacy in this day and age….so with that in mind I thought it apropos to publish an updated breakdown of available options.

Let’s establish some standards that should be adhered to when choosing a chat application.

1. It should be comprised of open-source code. Open source code can be audited by third parties for completeness, proper implementation and potential security vulnerabilities.

2. It should employ end to end encryption. In other words, the encryption happens on your device and the decryption happens on the recipient’s device versus a third party server. This removes the need to trust a third party with your keys.

3. It should utilize INFOSEC industry accepted standards for cipher primitives. It should use well studied ciphers, key exchanges and hashes such as: AES-256, RSA-4096, ChaCha20, ECC-512, Curve25519, Poly1305, secp256k1, Curve448, Twofish, SHA-3, Whirlpool, GPG.

4. It should utilize forward secrecy. This protects the user if they have a key that somehow gets compromised. In this setup the system renegotiates the key exchange at short, established time intervals. Diffie-Hellman is a common implementation of this concept.

5. It should support the removal/destruction of messages on both ends of the conversation. This could be based on a timer, manual selection or a “destroy on read” protocol…

Click here to read the entire article at CSG.

Related:

Technology and Avoiding Censorship

 

More Anti-Gun Crazy from New York

From RochesterFirst.com, more proof that the inmates are running the asylum – Proposed law would let State search gun owner’s social media and internet history. The privacy invasions involved in this bill are a new level of crazy. Look for more of this mental diarrhea coming to a state near you.

A new act introduced in the New York State Assembly this month would require pistol owners to submit to a “social media review.”

Anyone applying for, or renewing a pistol permit would have to give up all login information, including passwords, for any social media sites they’re a part of.

Posts from the past three years on sites like Facebook, Twitter and Snapchat would be reviewed for language containing slurs, racial/gender bias, threats and terrorism.

One year of search history on Google/Yahoo/Bing would also be reviewed.

Related:

Conservative Firing Line: New York Senate Bill 9191 – Destroying the Bill of Rights

CSG: GroundRod Primer, Mar. 24-25, 2018 – Prosser, WA

Combat Studies Group will be holding their GroundRod Primer course in the Prosser, WA area on Saturday and Sunday, March 24th and 25th, 2018. This is a two-day class. This class has moved from the Boise, ID location. Please sign up through the Combat Studies Group email address if you are interested in taking the class. The information is very valuable.

Details: https://combatstudiesgroup.blogspot.cz/p/courses.html

Class – Ground Rod Primer

Cost $400

Time Saturday and Sunday 8am – 5pm

Benefit – help limit your electronic footprint and learn how to protect your data and communications

GroundRod Primer  –  Internet and digital tradecraft

GroundRod Primer is designed to address the fundamental concerns of journalists, concerned citizens, activists, whistle blowers, missionaries and liberty lovers in general, with regard to digital security. Whether hackers, governments, criminals or acts of espionage; our privacy is in serious jeopardy.

You will learn to secure your devices and communications in the following ways:

* Properly employ symmetric and asymmetric encryption
* Create and safely store powerful passwords
* Guard against common criminal and state level intrusion techniques
* Recognize unsafe software you are using now and explore safe replacements
* Surf the web anonymously
* Explore the deep web
* Transfer files safely
* Communicate securely and privately
* Understand and deal with malicious firmware
* Crypto-currencies
* Properly employ “burner” phones

GroundRod Primer is meant to take the uncertainty and guesswork out of digital security, give you a fundamental base of knowledge to grow from and get you up and running with the highest levels of security available TODAY.

Follow on courses will delve deeper into these subjects and address escape and evasion techniques and other tradecraft.

Gear Requirements

* Laptop
* Three USB thumbdrives (4-8 GB)
* Note taking materials
* Extension cord

CSG: New Items Coming to Store

Combat Studies Group has announced some new items coming soon.

We have been hard at work over the last several months developing new tools to help secure your digital life. We continue to refine the Sepio Secure OS and expect to release the Sepio 2 this summer. Other items that are coming soon:

Sepio-Offgrid Rugged Laptop

– Offers the same level of rugged MILSPEC protection as the famous Toughbooks
– 14 inch HD screen
– 8-32GB RAM
– 128GB -1TB SSD or HDD
– i3 CPU (non vPro)
– Sepio Secure OS
– Optional packable solar panel/battery combo for field use
– Estimated Price: $1600-2000

The Libertas XL

– A 9 inch rugged tablet with:
– Dual-core 64bit CPU
– 2GB RAM
– 16 or 32GB storage
– Estimated price: $650

Sepio-Micro Desktop

– A full featured Sepio desktop not much larger than your hand.
– Plug in your own keyboard, mouse and monitor
– Estimated price: $750

Graybox Secure Router

– Router, Access Point, Bridge, Firewall, Intrusion detection and VPN all in a small package.
– Estimated price: TBA

Home Theater System

– This would replace your Roku, AppleTV, Chromecast, AmazonFire, etc media devices. It will have the same functionality – streaming of your favorite shows, music, etc, but without the spying.
– Estimated Price: TBA

GrayMatter VPN Service

– We have been testing the beta of our very own VPN service. What will it offer?

– Servers in jurisdictions that are respectful of privacy rights
– Servers setup with same security you would find in the Sepio
– No logging of customers
– Anonymous account creation and payment support
– Wireguard, TOR, OpenVPN and Shadowsocks
– Multihop support
– Secure, non-logging DNS

– Estimated Price: $6-10 monthly


I should mention that all of our products are fully patched against the Meltdown and Spectre vulnerabilities. 

CSG is also holding a GroundRod Primer course in Boise, ID on March 24-25, 2018. The GroundRod Primer is an intensive digital security course of instruction.

How To Avoid the Plague

Perhaps you’ve read in the news lately about the current, big virus sweeping across Europe.

Cryptoviruses (computer viruses that encrypt a victim’s data in such a way that the data can only be retrieved via a key made by the attacker) are the current weapon of choice of those bent on using malware to either cause electronic destruction or criminally extort money from anonymous reaches of the internet. In 2016, ransomware (a virus that encrypts or otherwise locks away a victim’s data) payments were estimated to hit $1 billion for the year.

The virus currently in the news is called Nyetya:

“After an hour of attempting to spread across the network, computers infected with Nyetya will reboot. After restarting the computers will appear to run CHKDSK (utilised to check the hard drive for errors) but the malware is actually encrypting files. Once this is completed the master boot record (MBR) is overwritten with a custom loader that will display the ransom note on boot.

“The ransom note presented to the user informs them that their files are no longer accessible and that $300 worth of Bitcoin will need to be paid to a specified Bitcoin wallet address in order to get the decryption key necessary to access their files. The user is instructed to e-mail a posteo.net e-mail address with information to identify their Bitcoin payment transaction. Posteo has disabled the e-mail account in question, it is not possible for victims to get decryption keys following payment as a result of this.

“Microsoft confirms that the initial infection vector for this malware was caused by a software update for MeDoc, a Ukrainian tax accounting package, pushed out via a hacked server. There have also been reports of the malware spreading via phishing e-mails.”

Viruses have gone from annoying interruptions which required expensive support to clean your computer of infections, to destructive invasions which destroy all the information on your hard drive. Below are several tips on how to avoid getting infected, but as a home user one of the most important tips is to keep a backup of all of your important data on an external drive of some sort – like a thumb drive, home network drive, or external hard drive – something that isn’t always directly attached to your computer where it could be destroyed by a virus.

Here are a few tips to avoid malware problems both inside and outside work (source is https://blog.exclaimer.com/educate-users-about-email-threats/):

  • Don’t click a link in an email unless you are 100% certain that it is safe to do so. If there is even the slightest doubt, delete it immediately or send it to the Helpdesk (if you have one).
  • Don’t open or respond to emails that look suspicious, unusual or appear to be from someone you don’t know that asks for personal or financial details.
  • Ignore attachments that you weren’t expecting, especially if you don’t know the sender. Many malicious attachments masquerade as Word documents or familiar file types, so check with your IT team if there is any doubt.
  • Check your spam folders regularly in case a legitimate email gets caught in the filter. Whitelist important email addresses so they won’t get filtered in the future.
  • Never give out personal details by email or fill in forms that pop up when you open an email as these will often be phishing attempts.
  • If you haven’t given your address to a business that emails you, do not open or interact with the message.
  • If you get a notice from a financial institution or any other online account stating that you need to upgrade your details or change your password, don’t follow the instructions, but go directly to the institution’s website and see if your account is in order. Financial institutions will never ask for these details over email nor will most other reputable institutions.
  • If you think you might have opened an email with a malicious attachment or clicked on a malicious link, shut down your machine immediately and inform your IT department. They will then be able to isolate that machine from the network and run any necessary scans. If you don’t have an IT department, take it to your local PC technician for a virus check.
  • If you receive an emailed calendar invite from someone you don’t know or it looks suspicious, don’t accept it. If it is from a colleague who is not using a corporate email address, find out if it is real. In any case, delete the invite just to be certain.
  • Be careful when logging onto Wi-Fi networks, especially public ones. Always stick with trusted providers and avoid suspicious-sounding SSIDs. Hackers often spoof genuine SSIDs in order to steal passwords and user names.
  • Don’t use the same password for your work email account as your personal one.
  • Avoid posting your work email address in public forums, blogs and websites unless it is absolutely necessary. You will be making it too easy for hackers to get your address and use them for various spamming attacks.
  • Never download any software that has not been approved by your IT department. This could open a backdoor for hackers to gain access to your company’s network and use your computer as part of a botnet that will spew spam across the world. At home, try to stick with reputable software producers or peer-reviewed software that has been checked for problems. If you don’t know, doing an internet search for reviews of a software program will usually produce an abundance of information.

If you don’t have an IT department, here in the Yakima Valley most of the smaller internet service providers and repair shops will be happy to answer your questions on the phone and advise you if they think that you should take your PC to a repair shop. Additional tips can be found here:

  • Autodesk: https://redshift.autodesk.com/10-tips-on-how-to-prevent-malware-from-infecting-your-computer/
  • Malware Bytes: https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/
  • PC World: http://www.pcworld.com/article/210891/malware.html

The following YouTube video is a few years old, but the information is as valid today as it was then.

Please take some time to review this information and better protect yourself and your sensitive information. Let’s be careful out there.