General Tech Security Guidance

  • Join our community of outdoor enthusiasts! Subscribe to Field Ethos Magazine to unlock full forum access and connect with fellow adventurers sharing their stories, tips, and experiences.

    If you are already a subscriber, log in here.
Bakes

Bakes

Well-known member
My cousin is active duty and was telling me about a training course he just finished on signature reduction. Made me think of an article last year on the website by Mike Zusman about IT travel considerations.

Would be great to get a SME on here to give some straight talk on best practices. I use the proton suite, use a VPN and non big tech browser, etc. but with the expansion of flock and Palantir it kind of feels useless.

Anyone know a guy?
 
Broadly speaking, your practices will depend on what you're trying to hide, and who you're hiding from.

For most normal people trying to maintain privacy with advertisers, proton and privacy focused browser is fine. I think commercial VPNs are dumb. You trust some random VPN company more than your ISP? Private (and properly configured/managed) VPNs are a different story, but still, their value is use-case dependent.

The more wacky shit you do for privacy, the more you might be increasing your signature rather than reducing it. Signature reduction is a lot about reducing complexity and blending in with the masses.

Use non-SMS two-factor authentication on critical accounts and lock your SIM with your carrier.

Happy to field more specific questions and route them to appropriate experts as needed. Maybe I'll work on a follow up article.
 
Bakes said:
My cousin is active duty and was telling me about a training course he just finished on signature reduction. Made me think of an article last year on the website by Mike Zusman about IT travel considerations.

Would be great to get a SME on here to give some straight talk on best practices. I use the proton suite, use a VPN and non big tech browser, etc. but with the expansion of flock and Palantir it kind of feels useless.

Anyone know a guy?
Click to expand...
Have you heard of Erik Prince’s phone Unplugged? It’s great for when traveling abroad. Especially if you’re worried about security and privacy. It also has a data sweep button which virtually wipes all the information on the phone.
 
nickmgarcia said:
Have you heard of Erik Prince’s phone Unplugged? It’s great for when traveling abroad. Especially if you’re worried about security and privacy. It also has a data sweep button which virtually wipes all the information on the phone.
Click to expand...
Damn that’s cool.
 
Bakes said:
My cousin is active duty and was telling me about a training course he just finished on signature reduction. Made me think of an article last year on the website by Mike Zusman about IT travel considerations.

Would be great to get a SME on here to give some straight talk on best practices. I use the proton suite, use a VPN and non big tech browser, etc. but with the expansion of flock and Palantir it kind of feels useless.

Anyone know a guy?
Click to expand...
Depending on how serious you are about this and if you want to pay a consultant to help you through this, I can connect you with some folks.
 
Mike Z said:
Broadly speaking, your practices will depend on what you're trying to hide, and who you're hiding from.

For most normal people trying to maintain privacy with advertisers, proton and privacy focused browser is fine. I think commercial VPNs are dumb. You trust some random VPN company more than your ISP? Private (and properly configured/managed) VPNs are a different story, but still, their value is use-case dependent.

The more wacky shit you do for privacy, the more you might be increasing your signature rather than reducing it. Signature reduction is a lot about reducing complexity and blending in with the masses.

Use non-SMS two-factor authentication on critical accounts and lock your SIM with your carrier.

Happy to field more specific questions and route them to appropriate experts as needed. Maybe I'll work on a follow up article.
Click to expand...
This makes a lot of sense. I look at this as an 80/20. Be smart, use some basics, but don’t get too spun up on it. The non SMS two factor is something I’m going to look into. We have rsa and Authenticator at work but haven’t thought of that for core accounts.
 
nickmgarcia said:
Have you heard of Erik Prince’s phone Unplugged? It’s great for when traveling abroad. Especially if you’re worried about security and privacy. It also has a data sweep button which virtually wipes all the information on the phone.
Click to expand...
Had not. Knew of KryptAll. Looks solid.
 
Bakes said:
Had not. Knew of KryptAll. Looks solid.
Click to expand...
Yea bro it’s got some pretty interesting features built in VPN, Kill switch, secure messenger, it’s co developer was the CEO of apple and they worked with intelligence partners to create what we call a “Hardened Phone” biggest issues you find is that phones today have what we call “Hooks” which are systems imbedded with harvesting tech from countries that want your information. You basically got a phone that doesn’t need a faraday sleeve. There’s other options out there like:
  • Purism Librem 5.
  • Bittium Tough Mobile 2C.
  • Solarin From Sirin Labs.
  • Sirin Labs Finney U1.
  • Blackphone PRIVY 2.0.
Just gotta find the right options, I like Unplugged because I’ve found it to be the most user friendly, plus if you know anything about Erik prince and blackwater. He’s a SME when it comes to security.
 
nickmgarcia said:
Yea bro it’s got some pretty interesting features built in VPN, Kill switch, secure messenger, it’s co developer was the CEO of apple and they worked with intelligence partners to create what we call a “Hardened Phone” biggest issues you find is that phones today have what we call “Hooks” which are systems imbedded with harvesting tech from countries that want your information. You basically got a phone that doesn’t need a faraday sleeve. There’s other options out there like:
  • Purism Librem 5.
  • Bittium Tough Mobile 2C.
  • Solarin From Sirin Labs.
  • Sirin Labs Finney U1.
  • Blackphone PRIVY 2.0.
Just gotta find the right options, I like Unplugged because I’ve found it to be the most user friendly, plus if you know anything about Erik prince and blackwater. He’s a SME when it comes to security.
Click to expand...
Thanks. Will look into it. I know he commissioned some baller Breitling Emergency watches back in the day but that’s for a different thread. https://www.watchesofespionage.com/blogs/woe-dispatch/blackwater-breitling-the-story
 
Saw a guy named Luke Bencie speak at a conference recently - he wrote a book called 'Among Enemies - Counter Espionage for the Business Traveler' - https://a.co/d/0fyJk2xQ - he admitted during the talk that on some of the tech side it could use some updating, but it's pretty solid.
 
What’s your threat model? What countries are you traveling to?

There’s a lot that can be done to spread out your attack surface which is ideal if you’re traveling in say…Mexico or 42 other countries Pegasus is known to operate in.

You shouldn’t worry much about $PLTR unless youre in the US illegally. Flock is pretty easy to evade if you really need to.

deflock.org

DeFlock

Find license plate readers (LPRs) near you.
deflock.org deflock.org

To add on to what @Mike Z stated — make sure you know who your vpn provider is and if they log your activity.

wire.com

Meta Apps Caught Tracking Users in Incognito & VPN Modes

Recent findings show that between September 2024 and early June 2025, Meta’s Android apps (Facebook and Instagram) covertly tracked users’ web browsing, even in incognito and VPN modes by exploiting a local “localhost” channel.
wire.com wire.com

Happy to lead you in the right direction for free if you’re a patriot. Just need your mom’s name and number.
 
Last edited by a moderator:
You must log in or register to reply here.
Back
Top