Threat Model: Parents

newer
EFF: Cybersecurity and the Tylenol...

Gadit Bielman

31 May 2015 31 May '15

2:24 a.m.

Hi. I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to. But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.) Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges? Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?) I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder. Um, thoughts about any of those? Any other things about parents as a threat model in general? I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

Attachments:

attachment.html (text/html — 1.7 KB)

Show replies by date

Zenaan Harkness

31 May 31 May

4:46 a.m.

On 5/31/15, Gadit Bielman wrote:

...

Hi.

For starters, you have to get off of proprietary software (such as Windows or Mac) - so, for a student, this could be a good exploratory learning opportunity. This implies some rational conversation with said parents. The best advice is to expect no silver bullet - expect to have to learn a lot if you want some semblance of control over your computing environment. Depending on the situation, there could be a USB keyboard logger - which may or may not be visually detectable by a cursory outside glance. Above all, I suggest endeavouring to begin conversations with said parents, and ideally take an interest in a libre software operating system - Whonix and Qubes may be a good place to start, but really, any GNU/Linux or even *BSD OS is a huge step up from all proprietary software in existence. Go with a bootable live USB stick, generally faster than a live bootable DVD. And get comfy with Truecrypt 7.1a for storing all data to create a persistence layer. This way, as long as the hardware itself is not compromised (eg USB keylogger), then you will have some semblance of independence from the hardware, and as a bonus will be able to trivially carry your computing environment with you wherever you go - just beware the hardware of course. A good part of relationships happen in conversations. If at all possible, settle ones emotions (such as anger and frustration) and start having real conversations with said parents. Long term, we want healthy relationships, not life sucking adversarial relationships. Good luck, Zenaan

Cathal (Phone)

6:15 a.m.

Wipe the machine, install fresh and clean Linux, and then password lock the BIOS. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote:

...

Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Mirimir

7:48 a.m.

On 05/31/2015 12:15 AM, Cathal (Phone) wrote:

...

Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.

That's excellent advice ... to someone who owns the machine. I'd say also to use LUKS. But maybe here that would dramatically escalate the confrontation. And there's also the lack of physical security. Zenaan's advice is more appropriate in a child-parent context. If that's impossible, the best option is probably doing private stuff elsewhere.

...

On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote:

...
Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

nerv

8:51 a.m.

On Sun, 31 May 2015 01:48:10 -0600 Mirimir wrote:

...

On 05/31/2015 12:15 AM, Cathal (Phone) wrote:

...
Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.

That's excellent advice ... to someone who owns the machine. I'd say also to use LUKS. But maybe here that would dramatically escalate the confrontation. And there's also the lack of physical security.

Zenaan's advice is more appropriate in a child-parent context. If that's impossible, the best option is probably doing private stuff elsewhere.

I think trying to go against the parents themselves would be a bad idea unless you know they can be reasoned with, but having a look seems only fair, their children should know to what degree they should trust their computer. I would personally use software such as process explorer and tcpview to get an idea of what is running (assuming they use windows here), but if you think the parents may be using something stronger than your usual parental control tool maybe booting the system from a live cd and having a look at what may be hidden from regular process managers (might be a bit extreme, I'm not sure any parent would go that far, but it will be pretty effective, and maybe less of a chore. If they really are monitoring all activity on the computer they might deduce that they are "busted", it might even "incriminate" you once they realize that their kids shouldn't know that much about computers.) In any case, the most likely is that they use some basic software and just "manually" check what was the machine used for, so a small introduction (if needed) about using computers (and the right tools) safely and cleanly might just be enough to stop Orwellian parents. I never contributed to a mailing list before, hope I didn't fucked it up Cheers

...

...
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote:

...
Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

-- Goto Daichi (nerv) -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2 mQENBFVl0RcBCADHL0fGKZ/4MAciOo9GqKnCz6f9qu1Q+1gOSu7anHTEALePUXrI VFXdYfcB9D91mfYhSPdI6Wf4f3YNqJJozIaGo1p7g7Oo0j2n8KR/xgxtGLSqkyc7 I4Pkhg0SCa5pm2ty9cyfrUWrRwgopEj4bJlR2L0HHhTQBoVo9h30XtWeLPwwg+O1 vUGDgiLniHKBwna5jMp0I/bZxuM9ztxWXEmiEkqIh65dT6mcjJx2visSDAZGB033 pU/EQFTxyavFOlypZG+WCGo8VNJkzEf6cHMVKJsi6aBi8ewGiw0SuYfYSY9Fed8I rLq0990FfB2NT26BRmJM+6Svs8+fJe3o+YNnABEBAAG0JUdvdG8gRGFpY2hpIChu ZXJ2KSA8bmVydkBmYXN0bWFpbC5mbT6JATgEEwECACIFAlVl0RcCGwMGCwkIBwMC BhUIAgkKCwQWAgMBAh4BAheAAAoJEIH6UEN73OdVe+sH/i5I5C1A8EzvK3wuetsK 8mPAiTFdw+x1tYrvS2A/eYAjKP1wfx9csB+Q9n94HFv7FtP5IbceZ5BdMtjagBa3 uWmHA/Pf5zoE3MaTSeY16mBEr141bTWzIdWofLgi0IrKPch8onEnTdd2hBWvJTPU F8Zb176trSEpYEACo+6QUppFUmXDGhvVzAfOMJZU8mjfQvf5haamcYTeOifG0riW vXjSDJJCFuMtj5uTRES9bRxKsyL2zW9B+DW9es4YIJ2zCgnSajoBGQu+kjrWzZG9 qlz5L0SbgQ4cRy4BT9o9AToK5Rs1eixEvHIten2agC7yMUbhGMyXYNRk+3NSJcJb Zfi5AQ0EVWXRFwEIANwbm4X50uUHDYgT038WI8LfEd8Gh0UABAxRjn4AlpuaXJKL mVY24iRTEHdspuBP12e11E9FiYO6/As7XSBIH/ZUFogffQGPh3Dyr4r9mBPBp+qR NDy5tP5g6qbAYtJnDznaEldjsrF4FzrFcS3/9oCjOX3in98qYh+PS6DU3+emUn7V P7socUmxgckidhvaWkAj6dsmZbg4kkWhGvarzCbehCZxKGgtfRfyTWeQfTYbSrSD sxYZRb6lMBcVlY1Us6Uanw+au9vJPnS3nbZQJDhfJ/utTmaBpyIn6+4f4Ku049qp YntER2RJiX+bHhVNa8IR5E4946pxZfBt6dY5Fo8AEQEAAYkBHgQYAQIACQUCVWXR FwIbDAAKCRCB+lBDe9znVcxyB/iEiBpDbN8siHNCfJlFL98Au/GV9fE7H8IgCZ6o rKKEjWEPML+FhlAYfbVlVnqSnmoLFloSYqhDymY+4S0IS/QcMnY2u017Rb1AIbF1 5BYzK1cTGDbeLObeJaIVr+DHEl+goPL9YgHg/X3WmFrO7nGP3Fv/n+VFn+S4zGE0 1yGFU9vdNGZkC7ddlDhGvophLJHHxfGSiGnjXKq9vR+xq2yyH0EZqLlCEprMmTo1 X+EpRNLZA4p5oee5RI/t6zk92DElTLuDqbPTnQNQd9tVwPeNQXsgWR+SPYD7vLQI hez47/0guyHoHwMDjkiXq4uwgGT0YdZ8lDoT2Z8BiApLMRI= =t27C -----END PGP PUBLIC KEY BLOCK-----

Cathal (Phone)

9:33 a.m.

I'm not one to call parents who surveil children "Orwellian": a parent's job is to prepare a child for the world and protect them from the world. Some parent:child combos are trusting and the children are sane. Others, not; and it is *not* always the parent's fault if their kids aren't well-behaved human beings as teens. That said, it's a teenager's prerogative to explore what it means to be an adult as they approach the day they take ownership of themselves, and to push boundaries and make mistakes. So, push-back and assertion of self and future rights is normal, too. On 31 May 2015 09:51:02 GMT+01:00, nerv wrote:

...

On Sun, 31 May 2015 01:48:10 -0600 Mirimir wrote:

...
On 05/31/2015 12:15 AM, Cathal (Phone) wrote:

...
Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.

That's excellent advice ... to someone who owns the machine. I'd say also to use LUKS. But maybe here that would dramatically escalate the confrontation. And there's also the lack of physical security.

Zenaan's advice is more appropriate in a child-parent context. If that's impossible, the best option is probably doing private stuff elsewhere.

I think trying to go against the parents themselves would be a bad idea unless you know they can be reasoned with, but having a look seems only fair, their children should know to what degree they should trust their computer.

I would personally use software such as process explorer and tcpview to get an idea of what is running (assuming they use windows here), but if you think the parents may be using something stronger than your usual parental control tool maybe booting the system from a live cd and having a look at what may be hidden from regular process managers (might be a bit extreme, I'm not sure any parent would go that far, but it will be pretty effective, and maybe less of a chore. If they really are monitoring all activity on the computer they might deduce that they are "busted", it might even "incriminate" you once they realize that their kids shouldn't know that much about computers.)

In any case, the most likely is that they use some basic software and just "manually" check what was the machine used for, so a small introduction (if needed) about using computers (and the right tools) safely and cleanly might just be enough to stop Orwellian parents.

I never contributed to a mailing list before, hope I didn't fucked it up Cheers

...
...
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman wrote:

...
Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

--

Goto Daichi (nerv)

-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2

mQENBFVl0RcBCADHL0fGKZ/4MAciOo9GqKnCz6f9qu1Q+1gOSu7anHTEALePUXrI VFXdYfcB9D91mfYhSPdI6Wf4f3YNqJJozIaGo1p7g7Oo0j2n8KR/xgxtGLSqkyc7 I4Pkhg0SCa5pm2ty9cyfrUWrRwgopEj4bJlR2L0HHhTQBoVo9h30XtWeLPwwg+O1 vUGDgiLniHKBwna5jMp0I/bZxuM9ztxWXEmiEkqIh65dT6mcjJx2visSDAZGB033 pU/EQFTxyavFOlypZG+WCGo8VNJkzEf6cHMVKJsi6aBi8ewGiw0SuYfYSY9Fed8I rLq0990FfB2NT26BRmJM+6Svs8+fJe3o+YNnABEBAAG0JUdvdG8gRGFpY2hpIChu ZXJ2KSA8bmVydkBmYXN0bWFpbC5mbT6JATgEEwECACIFAlVl0RcCGwMGCwkIBwMC BhUIAgkKCwQWAgMBAh4BAheAAAoJEIH6UEN73OdVe+sH/i5I5C1A8EzvK3wuetsK 8mPAiTFdw+x1tYrvS2A/eYAjKP1wfx9csB+Q9n94HFv7FtP5IbceZ5BdMtjagBa3 uWmHA/Pf5zoE3MaTSeY16mBEr141bTWzIdWofLgi0IrKPch8onEnTdd2hBWvJTPU F8Zb176trSEpYEACo+6QUppFUmXDGhvVzAfOMJZU8mjfQvf5haamcYTeOifG0riW vXjSDJJCFuMtj5uTRES9bRxKsyL2zW9B+DW9es4YIJ2zCgnSajoBGQu+kjrWzZG9 qlz5L0SbgQ4cRy4BT9o9AToK5Rs1eixEvHIten2agC7yMUbhGMyXYNRk+3NSJcJb Zfi5AQ0EVWXRFwEIANwbm4X50uUHDYgT038WI8LfEd8Gh0UABAxRjn4AlpuaXJKL mVY24iRTEHdspuBP12e11E9FiYO6/As7XSBIH/ZUFogffQGPh3Dyr4r9mBPBp+qR NDy5tP5g6qbAYtJnDznaEldjsrF4FzrFcS3/9oCjOX3in98qYh+PS6DU3+emUn7V P7socUmxgckidhvaWkAj6dsmZbg4kkWhGvarzCbehCZxKGgtfRfyTWeQfTYbSrSD sxYZRb6lMBcVlY1Us6Uanw+au9vJPnS3nbZQJDhfJ/utTmaBpyIn6+4f4Ku049qp YntER2RJiX+bHhVNa8IR5E4946pxZfBt6dY5Fo8AEQEAAYkBHgQYAQIACQUCVWXR FwIbDAAKCRCB+lBDe9znVcxyB/iEiBpDbN8siHNCfJlFL98Au/GV9fE7H8IgCZ6o rKKEjWEPML+FhlAYfbVlVnqSnmoLFloSYqhDymY+4S0IS/QcMnY2u017Rb1AIbF1 5BYzK1cTGDbeLObeJaIVr+DHEl+goPL9YgHg/X3WmFrO7nGP3Fv/n+VFn+S4zGE0 1yGFU9vdNGZkC7ddlDhGvophLJHHxfGSiGnjXKq9vR+xq2yyH0EZqLlCEprMmTo1 X+EpRNLZA4p5oee5RI/t6zk92DElTLuDqbPTnQNQd9tVwPeNQXsgWR+SPYD7vLQI hez47/0guyHoHwMDjkiXq4uwgGT0YdZ8lDoT2Z8BiApLMRI= =t27C -----END PGP PUBLIC KEY BLOCK-----

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Lodewijk andré de la porte

10:12 a.m.

2015-05-31 2:33 GMT-07:00 Cathal (Phone) :

...

I'm not one to call parents who surveil children "Orwellian": a parent's job is to prepare a child for the world and protect them from the world.

We are all children of the state (child is badly defined, the role of parents is culturally defined and not something logically following from the production of babies, although the caretaking at least is pretty preprogrammed)

Cathal (Phone)

12:25 p.m.

FWIW then, though this is a miresome digression, I mean by "Parent" the "person whose responsibility it is the welfare and upbringing of the child". Guardian, foster, whatever. On 31 May 2015 11:12:00 GMT+01:00, "Lodewijk andré de la porte" wrote:

...

2015-05-31 2:33 GMT-07:00 Cathal (Phone) :

...
I'm not one to call parents who surveil children "Orwellian": a parent's job is to prepare a child for the world and protect them from the world.

We are all children of the state

(child is badly defined, the role of parents is culturally defined and not something logically following from the production of babies, although the caretaking at least is pretty preprogrammed)

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Irving Poe

7:51 a.m.

...

...
Hi.

I'm trying to help (probably badly, but..) a friend deal with parents

Hi, My best guess would be to use their own weapons against them. Check the history to know what software have they installed. If nothing shows up, go for the stored cookies, recently opened documents, etc... There is always a lot of traces remnant to a computer utilization. Without knowing what their weapon is, you can't do anything. As said, it can be a hardware keylogger which will prevent any software countermeasures. Finding what happened on a computer is called forensics, research it online to find relevant information, and then with specifying which OS your target is to find more relevant details. Good luck, and stay free. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic@gmail.com> wrote: that they expect are spying on them. Wipe the machine, install fresh and clean Linux, and then password lock the BIOS. On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic@gmail.com> wrote:

...

Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looki! ng at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Zenaan Harkness

7:54 a.m.

On 5/31/15, Cathal (Phone) wrote:

...

Wipe the machine, install fresh and clean Linux, and then password lock the BIOS.

Excellent start. Another possibly more complex idea, use your octo-core 3Gig RAM mobile phone as your computer, connecting to the monitor and keyboard.

Razer

1 Jun 1 Jun

7:39 p.m.

05/30/2015 11:15 PM, Cathal (Phone) wrote:

...

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

Cathal (Phone)

8:32 p.m.

Eh, I didn't write that. Either someone's spoofing my headers or you wrote that manually and misattributed? On 1 June 2015 20:39:25 GMT+01:00, Razer wrote:

...

05/30/2015 11:15 PM, Cathal (Phone) wrote:

...
I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Razer

9:14 p.m.

When I highlighted the quoted material Thunderbird chose you as the sender. Sorry... Do you need a 'butthurt assessment form" to send to the mgt? https://cyberguerrilla.org/butthurt/butthurt.php On 06/01/2015 01:32 PM, Cathal (Phone) wrote:

...

Eh, I didn't write that. Either someone's spoofing my headers or you wrote that manually and misattributed?

On 1 June 2015 20:39:25 GMT+01:00, Razer wrote:

05/30/2015 11:15 PM, Cathal (Phone) wrote:

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Cathal (Phone)

9:26 p.m.

Butthurt is a natural drawback of internet use, I'll suck it up. On 1 June 2015 22:14:31 GMT+01:00, Razer wrote:

...

When I highlighted the quoted material Thunderbird chose you as the sender. Sorry... Do you need a 'butthurt assessment form" to send to the mgt?

https://cyberguerrilla.org/butthurt/butthurt.php

On 06/01/2015 01:32 PM, Cathal (Phone) wrote:

...
Eh, I didn't write that. Either someone's spoofing my headers or you wrote that manually and misattributed?

On 1 June 2015 20:39:25 GMT+01:00, Razer wrote:

05/30/2015 11:15 PM, Cathal (Phone) wrote:

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Zenaan Harkness

9:28 p.m.

The butthurt page is so black and white - it's missing colors -and- expecting Javascript. Something must be done! Someone please contact anonymous. On 6/2/15, Razer wrote:

...

When I highlighted the quoted material Thunderbird chose you as the sender. Sorry... Do you need a 'butthurt assessment form" to send to the mgt?

https://cyberguerrilla.org/butthurt/butthurt.php

On 06/01/2015 01:32 PM, Cathal (Phone) wrote:

...
Eh, I didn't write that. Either someone's spoofing my headers or you wrote that manually and misattributed?

On 1 June 2015 20:39:25 GMT+01:00, Razer wrote: 05/30/2015 11:15 PM, Cathal (Phone) wrote: I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Razer

9:46 p.m.

On 06/01/2015 02:28 PM, Zenaan Harkness wrote:

...

The butthurt page is so black and white - it's missing colors -and- expecting Javascript.

Something must be done! Someone please contact anonymous.

https://tips.fbi. gov/

Zenaan Harkness

8:33 p.m.

On 6/2/15, Razer wrote:

...

05/30/2015 11:15 PM, Cathal (Phone) wrote:

...
I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

A number of things are at issue. An adversarial "helper" is the first one.

Zenaan Harkness

9:06 p.m.

On 6/2/15, Zenaan Harkness wrote:

...

On 6/2/15, Razer wrote:

...
05/30/2015 11:15 PM, Cathal (Phone) wrote:

...
I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Tails has a win8 camouflage mode. If Win8 is the OS in use...

A number of things are at issue. An adversarial "helper" is the first one.

I think I've been unclear in two ways, apologies. I'll try again: A number of things are at issue. A reactive OP is the first one. Again, very sorry for the confusion, Zenaan

Shawn K. Quinn

31 May 31 May

8:21 a.m.

On Sat, 2015-05-30 at 22:24 -0400, Gadit Bielman wrote:

...

Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

This is correct.

...

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

It could be any number of things. Some ISPs even sell access packages with "family-friendly" filtering built in. Spyware or logging of sites accessed wouldn't be too far of a leap from this.

...

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

By their nature, I would expect most garden variety anti-spyware packages to not consider "parental control" type tools as spyware and not detect them. They certainly aren't viruses. I think most anti-spyware tools on Windows require administrator access to run.

...

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

There's no easy way to detect screenshots being taken. You would need to check the local hard disk for copies of the screenshots, and outbound network traffic for something that could be a screenshot being uploaded. This is difficult at best without administrator access.

...

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

It would be best, but it may not be possible if the computer is secured correctly. The parent threat model (as a minor child) is a particularly tough nut to crack. Even if you subvert the technical spying measures, there could be consequences for doing so. At least where I live in the US, minors can't own property legally, so parents can spy on a computer that "belongs to" their kids. If your friend's parents feel the need to spy on his/her Internet access, there are issues beyond the technological ones. There is a basic lack of trust on the part of the parents, possibly caused by their poor parenting of your friend when he/she was younger, that needs to be addressed. In other words, find out why they feel spying is necessary. In the meantime, your friend may want to do the majority of his/her Internet access from the local library; it may not be completely uncensored but there is a much lower chance of being individually spied on there. -- Shawn K. Quinn

jim bell

4:41 p.m.

From: Gadit Bielman

...

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have >administrator privileges to. But their parents are not exactly the NSA --

NO ONE expects the NSA!!!! (with apologies to Monty Python...) Jim Bell

Razer

1 Jun 1 Jun

7:48 p.m.

New subject: [OT: Python v. M edition] Threat Model: Parents

On 05/31/2015 09:41 AM, jim bell wrote:

...

...
I'm trying to help (probably badly, but..) a friend deal with parents

*From:* Gadit Bielman that they expect are spying on them.

...
I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have >administrator privileges to.

...
But their parents are not exactly the NSA --

NO ONE expects the NSA!!!!

(with apologies to Monty Python...)

Jim Bell

(Voce ‘"british accented crackling falsetto’) “Have You Got Anything Without War?” (Now imagine the US state department as a Monty Python skit…)

...

Well, there’s sanctions and prosecutions; sanctions drone strikes and prosecutions; sanctions and war; sanctions prosecutions and war; sanctions prosecutions drone strikes and war; war prosecutions drone strikes and war; war sanctions war war prosecutions and war; war drone strikes war war prosecutions war cyber war and war;

Vikings: War war war war…

Secretary of State: …war war war sanctions and war; war war war war war war targeted assassinations war war war…

Vikings: War! Lovely war! Lovely war!

Secretary of State: …or a United Nations resolution combined with infiltration, a USAID fake Twitter application, a CIA overthrow, trained enhanced interrogators and with crippling sanctions on top and war.

Woman: Have you got anything without war?

Secretary of State: Well, there’s war sanctions drone strikes and war, that’s not got much war in it.

Woman: I don’t want ANY war!

*More* (more more more) http://auntieimperial.tumblr.com/post/96175631379

Gadit Bielman

31 May 31 May

5:17 p.m.

On Sat, May 30, 2015 at 10:24 PM, Gadit Bielman < thetransintransgenic@gmail.com> wrote:

...

Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

Okay so I've gotten a few responses to this, so just to clear a few things up: -- I don't know this person IRL -- I'm giving them advice over online, so can't look at their computer, give them anything, etc. -- I don't know what spyware program is being used, that is one of the "can someone/how can someone do this" questions I am asking And one major thing, which forgive me for getting kind of annoyed but literally everyone has either directly suggested this or ignored the issue: Parents monitoring/spying on their kids is VERY OFTEN part of an abusive or nearly abusive relationship. If "Just talk to them" was an option, I can GUARANTEE they would already have taken it to the best of their ability. "Just talk to them and install linux -winkyface-" is NOT a workable answer. Parents have a HUGE amount of coercive power and are NOT shy about using it. And for that matter, "wipe it and install linux" is really unlikely to work either. Rubberhose Cryptoanalysis is in full play here -- a PRIMARY goal is "hide it from your parents as much as possible", because confiscating your computer for arbitrary periods of time is ALWAYS AN OPTION. If they find something password protected, they are totally capable of just saying "haha, stop playing around, you're grounded and we're confiscating the computer until you stop being unreasonable and give us the password". Also, an arbitrary kid at home isn't gonna be able to just install Linux. Linux requires you to /know what you're doing on Linux/, and these kids have their hands full dealing will everything else their parents overbear already. Thought outline:: -- Find out or narrow down the ways their parent might be monitoring them software-wise ---- Is there Spyware installed on the computer itself? ------ detecting: is there a list they can look through "My Programs" to see if any matches? Would doing a full scan with a free antivirus detect them as spyware, or would there be "this is a commercial product for parents" exception to the lists? ------ assessing: if they can find which spyware is being use they can just look up the capabilities. But if they can't? What capabilities do most child-spyware products have? Is it possible to narrow down by price-range for what they can afford? ---- Is there spyware running on the network? Traffic monitoring and stuff? ------ That's harder to find, but using the Tor Browser should completely negate that ---- bypassing softwarewise-things: ------ depends entirely on the capabilities. At the most simple, they can be bypassed by just not using the normal browser. More complicated and I can totally imagine a Superfish-like-thing monitoring all internet traffic -- even HTTPS -- for keywords. Is constant screencapture a common feature that we need to worry about? -- Non-software-based things: ---- Manually looking through browser history: again, Tor Browser doesn't keep history ---- Demanding access to email account: use one for school/parent-friendly stuff, and create a secret one. ---- What else is there? e.g.: Here's the parental controls/monitoring built into Windows 8: http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity (For the specific case that I'm asking about, I don't think they have Windows 8, but other versions of Windows probably have similar capabilities) And here's a top-ten comparison for child-spying software: http://parental-software-review.toptenreviews.com/ Would that be able to track the websites visited by the Tor Browser? So specific questions to start: What if any free antivirus, running with user permissions, would detect commercial spy-on-your-child-ware? If they're running a LiveCD/LiveUSB (you're right, probably USB -- faster, more common, easier to excuse for, and persistence), how well can it be disguised as the original operating system? How much of that work can be done by people who aren't the child, so that the child can have as much of a plug-and-play experience as possible? Besides actively taking screenshots, are there any other potential issues for the Tor Browser? e.g. is looking at RAM (unlikely for a commercial parent-spy software?), scanning throughout the entire filesystem looking for bookmarks (Also seems over the top if the Tor Browser is kept in a not-completely-obvious location?), other capabilities? Again, I don't know them at all IRL, so I can't look at their machine, help them install/inspect things, etc. And in general, I think it would be really valuable if we can create will-work-for-70+%-of-people tactics that a kid/teen online can take to get around their parents, so it would be great if we mapped out more a general threat model for parents, and possible responses to that. Thanks.

nerv

6:13 p.m.

On Sun, 31 May 2015 13:17:47 -0400 Gadit Bielman wrote:

...

On Sat, May 30, 2015 at 10:24 PM, Gadit Bielman < thetransintransgenic@gmail.com> wrote:

...
Hi.

I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them. I know that in general, it's impossible to secure a computer that you can't trust and don't necessarily have administrator privileges to.

But their parents are not exactly the NSA -- any spying that's happening is almost definitely some sort of product, plus basic things like maybe looking through their history. (I don't know much about they're situation -- maybe they know more, so well-if-you-know-they-do-this-then-you-could-do-this type advice would still be helpful.)

Would antivirus be able to detect spy-on-your-kids products? Would they be able to scan their computer with like Immunet or something, even if they didn't have administrator privileges?

Tor would probably help -- unless the monitoring was looking at the RAM or something for website names, which would be way overkill on a commercial product, no? Or (more likely) if it was taking screenshots at regular intervals, which would also break running a VM or something. (Is there any way to detect taking screenshots?)

I know probably the best thing would be running TAILS as a LiveCD -- the problem with that is that it's REALLY obvious over-the-shoulder.

Um, thoughts about any of those? Any other things about parents as a threat model in general?

I know this is pretty far from what is usually discussed on here, but I'm really interested in what you think/it would potentially help a lot of people.

Okay so I've gotten a few responses to this, so just to clear a few things up:

-- I don't know this person IRL -- I'm giving them advice over online, so can't look at their computer, give them anything, etc. -- I don't know what spyware program is being used, that is one of the "can someone/how can someone do this" questions I am asking

And one major thing, which forgive me for getting kind of annoyed but literally everyone has either directly suggested this or ignored the issue: Parents monitoring/spying on their kids is VERY OFTEN part of an abusive or nearly abusive relationship. If "Just talk to them" was an option, I can GUARANTEE they would already have taken it to the best of their ability. "Just talk to them and install linux -winkyface-" is NOT a workable answer. Parents have a HUGE amount of coercive power and are NOT shy about using it.

And for that matter, "wipe it and install linux" is really unlikely to work either. Rubberhose Cryptoanalysis is in full play here -- a PRIMARY goal is "hide it from your parents as much as possible", because confiscating your computer for arbitrary periods of time is ALWAYS AN OPTION. If they find something password protected, they are totally capable of just saying "haha, stop playing around, you're grounded and we're confiscating the computer until you stop being unreasonable and give us the password". Also, an arbitrary kid at home isn't gonna be able to just install Linux. Linux requires you to /know what you're doing on Linux/, and these kids have their hands full dealing will everything else their parents overbear already.

Thought outline:: -- Find out or narrow down the ways their parent might be monitoring them software-wise ---- Is there Spyware installed on the computer itself? ------ detecting: is there a list they can look through "My Programs" to see if any matches? Would doing a full scan with a free antivirus detect them as spyware, or would there be "this is a commercial product for parents" exception to the lists? ------ assessing: if they can find which spyware is being use they can just look up the capabilities. But if they can't? What capabilities do most child-spyware products have? Is it possible to narrow down by price-range for what they can afford? ---- Is there spyware running on the network? Traffic monitoring and stuff? ------ That's harder to find, but using the Tor Browser should completely negate that ---- bypassing softwarewise-things: ------ depends entirely on the capabilities. At the most simple, they can be bypassed by just not using the normal browser. More complicated and I can totally imagine a Superfish-like-thing monitoring all internet traffic -- even HTTPS -- for keywords. Is constant screencapture a common feature that we need to worry about? -- Non-software-based things: ---- Manually looking through browser history: again, Tor Browser doesn't keep history ---- Demanding access to email account: use one for school/parent-friendly stuff, and create a secret one. ---- What else is there?

e.g.: Here's the parental controls/monitoring built into Windows 8: http://windows.microsoft.com/en-us/windows-8/monitor-child-pc-activity (For the specific case that I'm asking about, I don't think they have Windows 8, but other versions of Windows probably have similar capabilities) And here's a top-ten comparison for child-spying software: http://parental-software-review.toptenreviews.com/

Would that be able to track the websites visited by the Tor Browser?

So specific questions to start: What if any free antivirus, running with user permissions, would detect commercial spy-on-your-child-ware?

If they're running a LiveCD/LiveUSB (you're right, probably USB -- faster, more common, easier to excuse for, and persistence), how well can it be disguised as the original operating system? How much of that work can be done by people who aren't the child, so that the child can have as much of a plug-and-play experience as possible?

Besides actively taking screenshots, are there any other potential issues for the Tor Browser? e.g. is looking at RAM (unlikely for a commercial parent-spy software?), scanning throughout the entire filesystem looking for bookmarks (Also seems over the top if the Tor Browser is kept in a not-completely-obvious location?), other capabilities?

Again, I don't know them at all IRL, so I can't look at their machine, help them install/inspect things, etc.

And in general, I think it would be really valuable if we can create will-work-for-70+%-of-people tactics that a kid/teen online can take to get around their parents, so it would be great if we mapped out more a general threat model for parents, and possible responses to that.

Thanks.

The issue here is that if there is nothing you can actively do yourself, you are very limited in term of options. I know it sounds obvious, but security isn't easy, thats why most people don't bother with it. Something I might try would I be in your shoes would be helping them obtain the tor browser (I don't know how you're in touch with them but providing it for them would be more discrete than them looking for it on google) and have them use it a few times to see if it gets some kind of reaction. I think using a live cd as a way to hide what they do would not be very effective, I don't think kids (no matter how old they are) would like to constantly switch from their actual pc to a live cd, and if they just stop booting from the hard drive the lack of activity on it might betray them (not to mention I would expect parents that monitor their kid's this way to at least check up on them from time to time, and not even the fake windows xp skin from tails is going to save them when they hear the door opening). However, would I indeed be in your shoes, I would then be trapped between a multitude of scenarios depending on the degree of monitoring that is happening, and the only way to be sure that you're really outsmarting the parents would be to really go full on, and you cannot do that. You make it sound as if they might be pushing the whole forensics thing very far (I don't think thats what is happening, but of course I have no way to know), if so they might be using HIDS that would defeat the purpose of installing (or even running) software to help anonymity. Maybe they run they run they own firewall and monitor it very carefully. There really is no end to this. So as I said, estimating the degree of paranoia needed beforehand would save you some time and allow you to think more clearly about solutions that really fit the problem. Try to works with the kids to get sufficient informations about the parents level of ability with, and access to such technology. Lastly I agree that parents should try to monitor their child activity on the internet, the same way they might forbit them to go into a bar or an empty street at night, but there is a difference between blocking anything from a few websites to most of the internet, and spying on communications and exchanges that do not involve you. The obvious risks should be dealt with, but a minimum of trust seems only natural toward your own children. -- Goto Daichi (nerv) -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2 mQENBFVl0RcBCADHL0fGKZ/4MAciOo9GqKnCz6f9qu1Q+1gOSu7anHTEALePUXrI VFXdYfcB9D91mfYhSPdI6Wf4f3YNqJJozIaGo1p7g7Oo0j2n8KR/xgxtGLSqkyc7 I4Pkhg0SCa5pm2ty9cyfrUWrRwgopEj4bJlR2L0HHhTQBoVo9h30XtWeLPwwg+O1 vUGDgiLniHKBwna5jMp0I/bZxuM9ztxWXEmiEkqIh65dT6mcjJx2visSDAZGB033 pU/EQFTxyavFOlypZG+WCGo8VNJkzEf6cHMVKJsi6aBi8ewGiw0SuYfYSY9Fed8I rLq0990FfB2NT26BRmJM+6Svs8+fJe3o+YNnABEBAAG0JUdvdG8gRGFpY2hpIChu ZXJ2KSA8bmVydkBmYXN0bWFpbC5mbT6JATgEEwECACIFAlVl0RcCGwMGCwkIBwMC BhUIAgkKCwQWAgMBAh4BAheAAAoJEIH6UEN73OdVe+sH/i5I5C1A8EzvK3wuetsK 8mPAiTFdw+x1tYrvS2A/eYAjKP1wfx9csB+Q9n94HFv7FtP5IbceZ5BdMtjagBa3 uWmHA/Pf5zoE3MaTSeY16mBEr141bTWzIdWofLgi0IrKPch8onEnTdd2hBWvJTPU F8Zb176trSEpYEACo+6QUppFUmXDGhvVzAfOMJZU8mjfQvf5haamcYTeOifG0riW vXjSDJJCFuMtj5uTRES9bRxKsyL2zW9B+DW9es4YIJ2zCgnSajoBGQu+kjrWzZG9 qlz5L0SbgQ4cRy4BT9o9AToK5Rs1eixEvHIten2agC7yMUbhGMyXYNRk+3NSJcJb Zfi5AQ0EVWXRFwEIANwbm4X50uUHDYgT038WI8LfEd8Gh0UABAxRjn4AlpuaXJKL mVY24iRTEHdspuBP12e11E9FiYO6/As7XSBIH/ZUFogffQGPh3Dyr4r9mBPBp+qR NDy5tP5g6qbAYtJnDznaEldjsrF4FzrFcS3/9oCjOX3in98qYh+PS6DU3+emUn7V P7socUmxgckidhvaWkAj6dsmZbg4kkWhGvarzCbehCZxKGgtfRfyTWeQfTYbSrSD sxYZRb6lMBcVlY1Us6Uanw+au9vJPnS3nbZQJDhfJ/utTmaBpyIn6+4f4Ku049qp YntER2RJiX+bHhVNa8IR5E4946pxZfBt6dY5Fo8AEQEAAYkBHgQYAQIACQUCVWXR FwIbDAAKCRCB+lBDe9znVcxyB/iEiBpDbN8siHNCfJlFL98Au/GV9fE7H8IgCZ6o rKKEjWEPML+FhlAYfbVlVnqSnmoLFloSYqhDymY+4S0IS/QcMnY2u017Rb1AIbF1 5BYzK1cTGDbeLObeJaIVr+DHEl+goPL9YgHg/X3WmFrO7nGP3Fv/n+VFn+S4zGE0 1yGFU9vdNGZkC7ddlDhGvophLJHHxfGSiGnjXKq9vR+xq2yyH0EZqLlCEprMmTo1 X+EpRNLZA4p5oee5RI/t6zk92DElTLuDqbPTnQNQd9tVwPeNQXsgWR+SPYD7vLQI hez47/0guyHoHwMDjkiXq4uwgGT0YdZ8lDoT2Z8BiApLMRI= =t27C -----END PGP PUBLIC KEY BLOCK-----

3398

Age (days ago)

3399

Last active (days ago)

List overview

Download

22 comments

10 participants

participants (10)

Cathal (Phone)
Gadit Bielman
Irving Poe
jim bell
Lodewijk andré de la porte
Mirimir
nerv
Razer
Shawn K. Quinn
Zenaan Harkness