More Anti-Gun Crazy from New York

From RochesterFirst.com, more proof that the inmates are running the asylum – Proposed law would let State search gun owner’s social media and internet history. The privacy invasions involved in this bill are a new level of crazy. Look for more of this mental diarrhea coming to a state near you.

A new act introduced in the New York State Assembly this month would require pistol owners to submit to a “social media review.”

Anyone applying for, or renewing a pistol permit would have to give up all login information, including passwords, for any social media sites they’re a part of.

Posts from the past three years on site like Facebook, Twitter and Snapchat would be reviewed for language containing slurs, racial/gender bias, threats and terrorism.

One year of search history on Google/Yahoo/Bing would also be reviewed.

Related:

Conservative Firing Line: New York Senate Bill 9191 – Destroying the Bill of Rights

CSG: GroundRod Primer, Mar. 24-25, 2018 – Prosser, WA

Combat Studies Group will be holding their GroundRod Primer course in the Prosser, WA area on Saturday and Sunday, March 24th and 25th, 2018. This is a two-day class. This class has moved from the Boise, ID location. Please sign up through the Combat Studies Group email address if you are interested in taking the class. The information is very valuable.

Details: https://combatstudiesgroup.blogspot.cz/p/courses.html

Class – Ground Rod Primer

Cost $400

Time Saturday and Sunday 8am – 5pm

Benefit – help limit your electronic footprint and learn how to protect your data and communications

GroundRod Primer  –  Internet and digital tradecraft

GroundRod Primer is designed to address the fundamental concerns of journalists, concerned citizens, activists, whistle blowers, missionaries and liberty lovers in general, with regard to digital security. Whether hackers, governments, criminals or acts of espionage; our privacy is in serious jeopardy.
You will learn to secure your devices and communications in the following ways:
Properly employ symmetric and asymmetric encryption
Create and safely store powerful passwords
Guard against common criminal and state level intrusion techniques
Recognize unsafe software you are using now and explore safe replacements
Surf the web anonymously
Explore the deep web
Transfer files safely
Communicate securely and privately
Understand and deal with malicious firmware
Crypto-currencies
Properly employ “burner” phones
GroundRod Primer is meant to take the uncertainty and guesswork out of digital security, give you a fundamental base of knowledge to grow from and get you up and running with the highest levels of security available TODAY.
Follow on courses will delve deeper into these subjects and address escape and evasion techniques and other tradecraft.
Gear Requirements
* Laptop
* Three USB thumbdrives (4-8 GB)
* Note taking materials
* extension cord

CSG: New Items Coming to Store

Combat Studies Group has announced some new items coming soon.

We have been hard at work over the last several months developing new tools to help secure your digital life. We continue to refine the Sepio Secure OS and expect to release the Sepio 2 this summer. Other items that are coming soon:

Sepio-Offgrid Rugged Laptop

– Offers the same level of rugged MILSPEC protection as the famous Toughbooks
– 14 inch HD screen
– 8-32GB RAM
– 128GB -1TB SSD or HDD
– i3 CPU (non vPro)
– Sepio Secure OS
– Optional packable solar panel/battery combo for field use
– Estimated Price: $1600-2000

The Libertas XL

– A 9 inch rugged tablet with:
– Dual-core 64bit CPU
– 2GB RAM
– 16 or 32GB storage
– Estimated price: $650

Sepio-Micro Desktop

– A full featured Sepio desktop not much larger than your hand.
– Plug in your own keyboard, mouse and monitor
– Estimated price: $750

Graybox Secure Router

– Router, Access Point, Bridge, Firewall, Intrusion detection and VPN all in a small package.
– Estimated price: TBA

Home Theater System

– This would replace your Roku, AppleTV, Chromecast, AmazonFire, etc media devices. It will have the same functionality – streaming of your favorite shows, music, etc, but without the spying.
– Estimated Price: TBA

GrayMatter VPN Service

– We have been testing the beta of our very own VPN service. What will it offer?

– Servers in jurisdictions that are respectful of privacy rights
– Servers setup with same security you would find in the Sepio
– No logging of customers
– Anonymous account creation and payment support
– Wireguard, TOR, OpenVPN and Shadowsocks
– Multihop support
– Secure, non-logging DNS

– Estimated Price: $6-10 monthly


I should mention that all of our products are fully patched against the Meltdown and Spectre vulnerabilities. 

CSG is also holding a GroundRod Primer course in Boise, ID on March 24-25, 2018. The GroundRod Primer is an intensive digital security course of instruction.

How To Avoid the Plague

Perhaps you’ve read in the news lately about the current, big virus sweeping across Europe.

Cryptoviruses (a computer virus that encrypts a victim’s data in a way that the data can only be retrieved via a key made by the attacker) are the current weapon of choice of those bent on using malware to either cause electronic destruction or criminally extort money from anonymous reaches of the internet. In 2016, ransomware (a virus that encrypts or otherwise locks away a victim’s data) payments were estimated to hit $1 billion for the year.

The virus currently in the news is called Nyetya:

“After an hour of attempting to spread across the network, computers infected with Nyetya will reboot. After restarting the computers will appear to run CHKDSK (utilised to check the hard drive for errors) but the malware is actually encrypting files. Once this is completed the master boot record (MBR) is overwritten with a custom loader that will display the ransom note on boot.

“The ransom note presented to the user informs them that their files are no longer accessible and that $300 worth of Bitcoin will need to be paid to a specified Bitcoin wallet address in order to get the decryption key necessary to access their files. The user is instructed to e-mail a posteo.net e-mail address with information to identify their Bitcoin payment transaction. Posteo has disabled the e-mail account in question, it is not possible for victims to get decryption keys following payment as a result of this.

“Microsoft confirms that the initial infection vector for this malware was caused by a software update for MeDoc, a Ukrainian tax accounting package, pushed out via a hacked server. There have also been reports of the malware spreading via phishing e-mails.”

Viruses have gone from annoying interruptions which required expensive support to clean your computer of infections, to destructive invasions which destroy all the information on your hard drive. Below are several tips on how to avoid getting infected, but as a home user one of the most important tips is to keep a backup of all of your important data on an external drive of some sort – like a thumb drive, home network drive, or external hard drive – something that isn’t always directly attached to your computer where it could be destroyed by a virus.

Here are a few tips to avoid malware problems both inside and outside work (source is https://blog.exclaimer.com/educate-users-about-email-threats/):

  • Don’t click a link in an email unless you are 100% certain that it is safe to do so. If there is even the slightest doubt, delete it immediately or send it to the Helpdesk (if you have one).
  • Don’t open or respond to emails that look suspicious, unusual or appear to be from someone you don’t know that asks for personal or financial details.
  • Ignore attachments that you weren’t expecting, especially if you don’t know the sender. Many malicious attachments masquerade as Word documents or familiar file types, so check with your IT team if there is any doubt.
  • Check your spam folders regularly in case a legitimate email gets caught in the filter. Whitelist important email addresses so they won’t get filtered in the future.
  • Never give out personal details by email or fill in forms that pop up when you open an email as these will often be phishing attempts.
  • If you haven’t given your address to a business that emails you, do not open or interact with the message.
  • If you get a notice from a financial institution or any other online account stating that you need to upgrade your details or change your password, don’t follow the instructions, but go directly to the institution’s website and see if your account is in order. Financial institutions will never ask for these details over email nor will most other reputable institutions.
  • If you think you might have opened an email with a malicious attachment or clicked or a malicious link, shut down your machine immediately and inform your IT department. They will then be able to isolate that machine from the network and run any necessary scans. If you don’t have an IT department, take it to your local PC technician for a virus check.
  • If you receive an emailed calendar invite from someone you don’t know or it looks suspicious, don’t accept it. If it is from a colleague who is not using a corporate email address, find out it if it is real. In any case, delete the invite just to be certain.`
  • Be careful when logging onto Wi-Fi networks, especially public ones. Always stick with trusted providers and avoid suspicious-sounding SSIDs. Hackers often spoof genuine SSIDs in order to steal passwords and user names.
  • Don’t use the same password for your work email account as your personal one.
  • Avoid posting your work email address in public forums, blogs and websites unless it is absolutely necessary. You will be making it too easy for hackers to get your address and use them for various spamming attacks.
  • Never download any software that has not been approved by your IT department. This could open a backdoor for hackers to gain access to your company’s network and use your computer as part of a botnet that will spew spam across the world. At home, try to stick with reputable software producers or peer-reviewed software that has been checked for problems. If you don’t know, doing an internet search for reviews of a software program will usually produce an abundance of information.

If you don’t have an IT department, here in the Yakima Valley most of the smaller internet service providers and repair shops will be happy to answer your questions on the phone and advise you if they think that you should take your PC to a repair shop. Additional tips can be found here

Autodesk https://redshift.autodesk.com/10-tips-on-how-to-prevent-malware-from-infecting-your-computer/

and here

Malware Bytes https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/

and here.

PC World http://www.pcworld.com/article/210891/malware.html

The following YouTube video is a few years old, but the information is as valid today as it was then.

Please take some time to review this information and better protect yourself and your sensitive information. Let’s be careful out there.