- Joined
- Jul 10, 2002
- Messages
- 254
This should be a sticky!!!!!!
I found this on AB and hope everyone can benefit from this knowledge
Often overlooked, and never well respected, personal privacy and security is of utmost importance to our community. We as a bodybuilding community are a bit outside the bounds of current main stream thought and law. Operating outside these bounds puts us under ever increasing scrutiny by DEA and other law enforcement officials. Because I am a firm believer that anabolic steroids pose no more social and health problems than any other over the counter or prescription drugs, I am writing this article to hopefully help both buyers, sellers, and everyone in between keep your identity a secret on the net. Without an identity you can never be caught!! Remember this and take it very seriously. Whereas nothing is foolproof, I am not claiming to know everything or guaranteeing you secrecy of your identity. I do know a lot, and I stay current on encryption techniques. So here we go:
YOUR COMPUTER
First step in keeping your identity a secret is to mask your real IP address. An IP address is a number assigned to each computer on the net. Your IP is given to you by your ISP. Usually it is changed every few months by your ISP. This number can identity you very easily. If an agent had your IP he could easily have the billing info in a matter if minutes from your ISP. Two easy websites to mask your IP are www. anonymizer.com and http://www.megaproxy.com./ Megaproxy is 100% free. Another way to permanently hide your IP for free is http://www.multiproxy.org/ which provides a small program to mask your IP. Now for most of you this is probably as far as you would go, but I would go much further. Using the services I just described you do hide your IP from websites you visit, but your ISP still knows where you’re going and what you’re doing. ISP’s are required to report suspicious activity to the government. Besides what your ISP may voluntarily give to the government, you have to now worry about Carnivore. Carnivore is the governments program that runs on your Email and ISP servers reading emails, communications, websites, and more looking for key words. Once certain key words are found (Like DECA, KETAMINE, EXTACY) you are reported for further investigation. So how do you view the web without your ISP knowing where you’re going? It’s called SSH Tunneling. SSH Tunneling allows your computer to securely connect to a proxy server over an encrypted connection. All your HTTP (web) traffic is routed over port 22 so all your ISP can see is that encrypted traffic is running over port 22 from your computer. This connection is unbreakable even by the most sophisticated computers in the world. Carnivore is therefore useless, and so is any eavesdropping from your ISP. SSH is generally a paid for service, and can be bought and setup through http://www.anonymizer.com./ To get your SSH software I suggest getting it for free at http://www.ssh.com/ (non commercial version) instead of paying for anonymizer’s version. Anonymizer is unique in that they set up there systems so that logged in users cannot be associated with what web traffic they’ve looked at. This is to ensure that even with a court order no identification is possible. Using an SSH connection will ensure your IP address and web sites you view will be private to only you. Now that you know how to hide your IP, do you know how to hide info on your computer? I suggest PGP Corporate Desktop 7.1 with disk encryption. You can do a simple search on Yahoo and find a working copy. Once you have this software installed setup an encrypted disk to keep all those incriminating files you have in. Once the disk is created it will be protected by unbreakable encryption that you will need a password to get into. Another neat aspect of this software is it allows you to truly erase files off your computer. The Wipe feature totally deletes incriminating files. In case you didn’t know simply deleting a file does not permanently erase a file, it is easily retrievable given the right software. Can you see how this PGP software keeps you safe just in case feds were to enter your home and take possession of your computer? Don’t forget PGP is the ultimate weapon in email too, but too complicated for most. Thank god for hushmail which I will talk about in a minute. One other suggestion is that you never input any real information about yourself into Windows. This information is very easily found. For instance when you first use windows it asks for your name. Don’t use your real info. Keep this in mind as windows asks for personal info. What may seem paranoid shouldn’t, this is a serious game we are all playing.
EMAIL
I’m secure right, I use Ziplip (http://www.ziplip.com/)? No!! Not unless you and the person you are sending to are both using ziplip and you are password protecting every message. Simply sending an email from ziplip is not secure! Let me repeat that again for the people who insist on using ziplip incorrectly. Simply sending an email from ziplip is not secure! Emails sitting on ziplips servers not password protected can easily be picked over by Carnivore or Ziplip employees. Now I am not saying ziplip is a bad service. It is in fact secure and safe if used correctly (still the issue of how to exchange passwords securely is a serious flaw in ziplip). Now since no one uses it correctly lets just give it up. Ok good job, we are all going to give ziplip up right? I hope so. Now on to real email, hands down HUSHMAIL (http://www.hushmail.com/) is leaps and bounds superior to ziplip. HUSHMAIL is secure end to end. Emails and attachments are secure without the need for a separate password as long as both parties are using HUSHMAIL. This takes all the guess work out of this. Emails won’t sit on the server unencryped for Carnivore, and hushmail employees cannot read them. It’s so simple a 5 yr. old could use it. It’s truly an amazing system. When HUSHMAIL first appeared there were rumors that it wasn’t secure at all, well Phil Zimrnerrnann was brought on as chief technology officer of HUSHMAIL. He is the creator of PGP, and would never put his reputation in the encryption community on the line for a shady company not living up to its promises. Phil’s commitment to the company gives me even more faith that HUSHMAIL is the premier email and web based encryption company on the net. Also another good feature of HUSHMAIL is that its subsidiaries http://www.cyber-rights.net,/ http://www.elitefitness.com,/ and **broken link removed** are all compatible with it. If you don’t like using hushmail, I suggest you learn to use PGP. Otherwise Carnivore is picking your emails for key words. How does it feel to be watched?
MONETARY TRANSACTIONS
Ok all sellers please read. What the hell are you doing taking money by mail from people you don’t know well?? Sellers should view every single customer as a fed until they have proven they are not. Are you going to give your address to a fed? Well how do you know you haven’t so far? How long would it take a fed to find out all the personal info on a PMB, PO Box, or Home Address? I would bet less than 10 minutes. I’ve never had any problems getting the real info using a PI even on a PMB. Then of course once the feds have your box they have it flagged, and for months packages are watched and let through then they’ve got ya. Ok so what’s the smart thing to do here? I would say lets start by not giving out our addresses to strangers. Instead payments should be made electronically. Simple and efficient. Only 5 companies make my cut **broken link removed** (I consider the best as cheapest fees), http://www.e-gold.com,/ http://www.e-bullion.com,/ western union, and moneygram. Reason for this is they are well backed, can be 100% anonymous, and safe. Evocash is my first choice as its fees are cheap, you are 100% anonymous with them, and they do not cooperate with law enforcement agencies as they are offshore and out of US jurisdiction. Sellers I know you are reluctant to make your customers use these services, because they are resistant to change and may take their business elsewhere, but if all sources go to these methods we will all be safer. Buyers, when a seller won’t let you to pay by mail remember they will be around longer and less likely to get busted taking your guys money with them.
I found this on AB and hope everyone can benefit from this knowledge
Often overlooked, and never well respected, personal privacy and security is of utmost importance to our community. We as a bodybuilding community are a bit outside the bounds of current main stream thought and law. Operating outside these bounds puts us under ever increasing scrutiny by DEA and other law enforcement officials. Because I am a firm believer that anabolic steroids pose no more social and health problems than any other over the counter or prescription drugs, I am writing this article to hopefully help both buyers, sellers, and everyone in between keep your identity a secret on the net. Without an identity you can never be caught!! Remember this and take it very seriously. Whereas nothing is foolproof, I am not claiming to know everything or guaranteeing you secrecy of your identity. I do know a lot, and I stay current on encryption techniques. So here we go:
YOUR COMPUTER
First step in keeping your identity a secret is to mask your real IP address. An IP address is a number assigned to each computer on the net. Your IP is given to you by your ISP. Usually it is changed every few months by your ISP. This number can identity you very easily. If an agent had your IP he could easily have the billing info in a matter if minutes from your ISP. Two easy websites to mask your IP are www. anonymizer.com and http://www.megaproxy.com./ Megaproxy is 100% free. Another way to permanently hide your IP for free is http://www.multiproxy.org/ which provides a small program to mask your IP. Now for most of you this is probably as far as you would go, but I would go much further. Using the services I just described you do hide your IP from websites you visit, but your ISP still knows where you’re going and what you’re doing. ISP’s are required to report suspicious activity to the government. Besides what your ISP may voluntarily give to the government, you have to now worry about Carnivore. Carnivore is the governments program that runs on your Email and ISP servers reading emails, communications, websites, and more looking for key words. Once certain key words are found (Like DECA, KETAMINE, EXTACY) you are reported for further investigation. So how do you view the web without your ISP knowing where you’re going? It’s called SSH Tunneling. SSH Tunneling allows your computer to securely connect to a proxy server over an encrypted connection. All your HTTP (web) traffic is routed over port 22 so all your ISP can see is that encrypted traffic is running over port 22 from your computer. This connection is unbreakable even by the most sophisticated computers in the world. Carnivore is therefore useless, and so is any eavesdropping from your ISP. SSH is generally a paid for service, and can be bought and setup through http://www.anonymizer.com./ To get your SSH software I suggest getting it for free at http://www.ssh.com/ (non commercial version) instead of paying for anonymizer’s version. Anonymizer is unique in that they set up there systems so that logged in users cannot be associated with what web traffic they’ve looked at. This is to ensure that even with a court order no identification is possible. Using an SSH connection will ensure your IP address and web sites you view will be private to only you. Now that you know how to hide your IP, do you know how to hide info on your computer? I suggest PGP Corporate Desktop 7.1 with disk encryption. You can do a simple search on Yahoo and find a working copy. Once you have this software installed setup an encrypted disk to keep all those incriminating files you have in. Once the disk is created it will be protected by unbreakable encryption that you will need a password to get into. Another neat aspect of this software is it allows you to truly erase files off your computer. The Wipe feature totally deletes incriminating files. In case you didn’t know simply deleting a file does not permanently erase a file, it is easily retrievable given the right software. Can you see how this PGP software keeps you safe just in case feds were to enter your home and take possession of your computer? Don’t forget PGP is the ultimate weapon in email too, but too complicated for most. Thank god for hushmail which I will talk about in a minute. One other suggestion is that you never input any real information about yourself into Windows. This information is very easily found. For instance when you first use windows it asks for your name. Don’t use your real info. Keep this in mind as windows asks for personal info. What may seem paranoid shouldn’t, this is a serious game we are all playing.
I’m secure right, I use Ziplip (http://www.ziplip.com/)? No!! Not unless you and the person you are sending to are both using ziplip and you are password protecting every message. Simply sending an email from ziplip is not secure! Let me repeat that again for the people who insist on using ziplip incorrectly. Simply sending an email from ziplip is not secure! Emails sitting on ziplips servers not password protected can easily be picked over by Carnivore or Ziplip employees. Now I am not saying ziplip is a bad service. It is in fact secure and safe if used correctly (still the issue of how to exchange passwords securely is a serious flaw in ziplip). Now since no one uses it correctly lets just give it up. Ok good job, we are all going to give ziplip up right? I hope so. Now on to real email, hands down HUSHMAIL (http://www.hushmail.com/) is leaps and bounds superior to ziplip. HUSHMAIL is secure end to end. Emails and attachments are secure without the need for a separate password as long as both parties are using HUSHMAIL. This takes all the guess work out of this. Emails won’t sit on the server unencryped for Carnivore, and hushmail employees cannot read them. It’s so simple a 5 yr. old could use it. It’s truly an amazing system. When HUSHMAIL first appeared there were rumors that it wasn’t secure at all, well Phil Zimrnerrnann was brought on as chief technology officer of HUSHMAIL. He is the creator of PGP, and would never put his reputation in the encryption community on the line for a shady company not living up to its promises. Phil’s commitment to the company gives me even more faith that HUSHMAIL is the premier email and web based encryption company on the net. Also another good feature of HUSHMAIL is that its subsidiaries http://www.cyber-rights.net,/ http://www.elitefitness.com,/ and **broken link removed** are all compatible with it. If you don’t like using hushmail, I suggest you learn to use PGP. Otherwise Carnivore is picking your emails for key words. How does it feel to be watched?
MONETARY TRANSACTIONS
Ok all sellers please read. What the hell are you doing taking money by mail from people you don’t know well?? Sellers should view every single customer as a fed until they have proven they are not. Are you going to give your address to a fed? Well how do you know you haven’t so far? How long would it take a fed to find out all the personal info on a PMB, PO Box, or Home Address? I would bet less than 10 minutes. I’ve never had any problems getting the real info using a PI even on a PMB. Then of course once the feds have your box they have it flagged, and for months packages are watched and let through then they’ve got ya. Ok so what’s the smart thing to do here? I would say lets start by not giving out our addresses to strangers. Instead payments should be made electronically. Simple and efficient. Only 5 companies make my cut **broken link removed** (I consider the best as cheapest fees), http://www.e-gold.com,/ http://www.e-bullion.com,/ western union, and moneygram. Reason for this is they are well backed, can be 100% anonymous, and safe. Evocash is my first choice as its fees are cheap, you are 100% anonymous with them, and they do not cooperate with law enforcement agencies as they are offshore and out of US jurisdiction. Sellers I know you are reluctant to make your customers use these services, because they are resistant to change and may take their business elsewhere, but if all sources go to these methods we will all be safer. Buyers, when a seller won’t let you to pay by mail remember they will be around longer and less likely to get busted taking your guys money with them.