The Dangerous Silent Lethal
You cannot escape the massive hidden snooping and theft against you. Read the Horror stories below it has probably already happened to you ! All the following information prepares you to successfully secure your interests (Individual, Business , Company) and your "Top Secrets" against these activities. All harmful activities can be curtailed and controlled :Our guidelines are presented in each of the 9 items above and will let you take control with our guidance but first Want A Headache
Is Disaster :
No Safety No
No Survival !
gives the U.S.
to cloud data.
The U.K., Germany, France, Japan and Canada, have laws letting them demand personal data stored on "clouds" along with Russia Israel North Korea all Arab and all African countries. Your "Top Secrets" should never be more than 2 internal offices away locked and hidden and you should have Worlds best "Secure Technology" for "Top Secrets" ExtremeCrypt ExtremeTomb notebooks and ExtremeCrypt ExtremeCitadel static and mobile servers where necessary giving you 250 years protection - Never Never use "clouds" for "Top Secrets" :(Use Browser Arrow to return), now you know why.
The Patriot Act, passed as an anti-terrorism measure in 2001, is used as shorthand to imply that the U.S government has greater powers to get personal data than other governments but European countries with strict privacy laws also have anti-terrorism laws that let governments "fast-track" access to "clouds". This is the most cogent reason Never to use clouds , they are an open invitation to massive industrial and commercial theft of your very precious data - obviously when your data is copied(Stolen) your don't know, when its your car you do !
Since late 2011, some European cloud providers have promoted services as safe havens from the U.S. Patriot Act. In September 2011, Ivo Opstelten, the Dutch minister of safety and justice, said that U.S. cloud providers could be excluded from Dutch government because of the Patriot Act. Opstelten later softened his stance. Any government that uses foreign "clouds" needs quarantining and very urgent full scale psychiatric assessment and long term treatment .
But there are misunderstandings about the Patriot Act and other countries' laws allowing access to cloud data. Some people believe, and some cloud providers have advertised - that choosing a cloud service provider based on its location will make some data stored in the cloud more secure and less subject to governments' access.
However, the Patriot Act generally didn't create broad new snooping powers in the U.S. but expanded existing methods making it easy to bypass checks and balances guarding peoples privacy by the government and NSA etc. which include any overseas persons the Americans considered fair game.
There are "meaningful limitations" on the cloud data U.S. authorities can access, with law enforcement authorities needing court-ordered search warrants in some cases, and investigators able to issue subpoenas in other cases - in practice all requests are granted by one anonymous highly paid judge in the secret Federal Intelligence Surveillance Agency(FISA) in Washington DC. We have also been led to believe that massive "legal" cell phone and email capture by the NSA was unknown to the U.S government ! Other countries studied also require cloud providers to turn over personal data when compelled by a court again all Europeans automatically grant the request.
Other countries have their own privacy challenges.ISPs in the European Union must retain telecom customer data for between six and 24 months, when U.S. ISPs don't have to, but the NSA scoops up cell-phone calls and emails 9 times more than all other countries put together anyway.The E.U. data-holding order gives European investigators access to your data that may be deleted in other countries. Now we learn the UK government is scooping up private Adult content from Yahoo's sites plus undisclosed others: the UK civil servants "relaxation" club ?, possibly MP's as well !
Under the order, agencies can access, with judicial permission re:highly paid judges - in practice all requests are granted-, details such as IP address and time of use of every email, phone call, and text message sent or received.
You should know enough now NEVER to transfer your "Top Secrets" to anybody's "cloud" .
Since the Sept. 11, 2001, terrorist attacks on the U.S. they have "Chinarised" their demands for data from other jurisdictions much more than have other governments.The U.S. has spent billions more on powerful data processing tools than other governments. No other spy agency competes with the NSA [U.S. National Security Agency]."
Data laws were surveyed in 10 countries all of them allow the government to demand cloud providers to turn over data related to an investigation. In eight of the 10 countries, cloud providers can voluntarily turn over some data to the government in response to an informal request, the exceptions being the U.S. and Japan.
Eight countries do not require the cloud provider to notify its customer when it turns over data to government investigators. German and U.S. law allows cloud providers to notify customers, with some exceptions.
All 10 countries allow government agencies to monitor electronic communications sent through the systems of cloud providers. Eight of the 10 countries allow government investigators to require cloud providers to turn over information stored on a server in another country. Germany and Japan do not allow such access, with some exceptions. Now you know "clouds" are okay to store monthly cookie and coffee orders. If you are smart enough to understand the possible ramifications to you of the above you are already aware of the dire consequences if you make bad data security and management policies. Be safe not sorry.
Top of Page
We all get excited when something important happens and no more so than when it concerns our work or job. We have all enjoyed that great feeling when we have seen all our hard work start to show results and finally see it translated into a result as or better than expected.
It is ensuring that during those exciting times that you and your companies "Top Secrets" do not unwittingly become conversational confetti , scattered far and wide with some landing on undesirable recipients. We all know....."Hey can you keep a secret ?" ,"Of course.." then " Hey can you....." .
Conversations which cannot do any harm can occur when the "Top Secrets" are strictly restricted to your most Trusted Persons ,those heavily involved and who have the most to win or lose on the outcome. Further tightening should rigidly use the "Need-To-Know" policy where your Trusted circle can access their relevant Secrets but nobody else's. Where overlap takes place only those mutual Secrets should be presented. This might seem big overkill but since Manning and Snowden - regardless of the rights or wrongs- have shown that mismanaged "Top Secrets" produce "interesting" consequences.For you it could mean the business crashes and becomes history.
Social Networks Horror Story
Here is a true bad story. The British secret service hacked LinkedIn and changed the website pages of some Belgian telecom engineers Re: Anonymous tactics . To the engineers their pages looked the same but all the information the British got let them into the confidential wireless (cell phone) networks they looked after. The British then inserted Malware into parts of the networks and began their spying. It is not known if LinkedIn colluded in any way with the British however its difficult to believe such an intricate hack could have bypassed LinkedIn's senior Webmasters attention .
The Patriot Act and the NSA CIA Department of Defense State Department and the Presidents Office have full American legal authority to look at every social network account holders details as and if needed and the British under their Regulatory Powers Act . The British are also scooping up private Adult content from Yahoo and other sites. Every network comes under every security law and you will not be informed , by American law, if your "privacy" is breached . If you are a "selfie" addict it won't matter. To the rest of you the accounts should be limited to greetings , what you had for breakfast etc.
To any professionals just do not put any important personal professional details on any social site. You may think its good self PR to advertise all your qualifications and your job responsibilities
who you know in your industry current projects etc. but the massive trawling of the whole internet now by friends , foes and neutrals means the smallest slip can cost not only you but some direct and indirect persons around you. Talking in the pub or club may involve a few people , put those words on social networks and you have no control and 5 or 50,000 strangers may read them.
For Trusted Persons leading personal computing secured voice-to-voice and file transfer communications solutions allows those persons to confidently communicate with each other locally or globally in a safe and protected environment.
Phones You Know These Stories
As soon as phones became a normal business tool they started to be tapped. At its most crudest phone tapping involved climbing the targets pole near the building and splicing wires into the phone lines running them to a receiver in a "plumbers" van and to listen in on an office block office "tappers" went to the central cabinet and located the required switch(s) running wires to a nearby room.
Later some countries built automatic phone tapping circuits into their telephone exchange buildings. These are still used for tapping landlines. Landlines are particularly dangerous because "real-time" recordings are gathered.
Fast forward to cell phones. Your cell phone hears your voice sounds in one electronic format does very very fast conversions of your voice sound stream - your phone is not interested in your speech - to the different output format sound stream. It has one or two formatting codes added and off it goes through the ether to the nearest tower and on to the destination phone. The world has learnt more about Security Agencies and wholesale cell phone "spying" in 2013 than in the previous 22 years , albeit , unintentionally .
The 2 formats which form the basis of end-to-end cell phone communications means the calls cannot be easily recorded if at all. Your calls are moved around by the communications equipment reading the senders "header" part of the call. It contains numbers which are completely divorced from the "speech packets" which are you talking. There is know way of breaking into these packets to listen to calls largely because there are about 3 different transmission modes used among global phone companies.
Security Agencies collect phone company records which are for those on contracts. Pre-paid , Pay-As-You-Go do not have any records and so do not produce call records.
Now you know , buy several unlocked phones , use different phone companies from your business contract company. Use different phone company SIM's and give them to your Trusted Persons only and keep that information confidential. For companies whose staff travel overseas buying these phones then to use in your operating country is one more security measure since these phones have no record. Use these phones for semi-sensitive calls. Security agencies are now collecting some data about pre-paids and are trying to do call-matching by tracking names not numbers. This is overcome by initiating the call with phone 1 to destination phone 2 hanging up after contact then getting the other party to call on their phone 1 to your phone 2. NEVER discuss "Top Secrets" on any phone , there are secure anti Security Agency methods available for that - regionally and globally .
Top of Page
Emails Horror Story.
When News of the World editor Rebekah told News of the World Andy how much she loved him for over 6 years , it sure was news to her husband Charlie ! , that was a recent most high profile example of the danger of emails because they are legitimate legal documents and this one was produced as Court evidence in a London phone hacking trial.
When Security Agencies collect emails they store trillions of data packets containing billions of email messages including any attachments. Possibly 4 trillion data packets are forwarded each second around the world - locally and globally.
Much of the comment about the Security people doing all their dastardly deeds about data and email collecting is based upon very uninformed superficial reporting ,even among "experts". Briefly transmitting all data around the internet is handled by packet forwarding technology's . One packet holds a set amount of continous data. Your complete email is packetized in your computers internet memory area - eg. 15 packets for your email, starting at the beginning , packet 1 to the end 15. Each packet has a header which has your internet address (Sender)and the internet gets the destination address(Reciever) and the packet number sequentially 1 - 15. Packets are used for everything moved around the internet.
When you hit Send the email packets leave your computer 1 to 15. When on the internet your packets are scattered around the world .The internet treats each packet as a single item which it try's to get to your reciever as quick as possible. Your scattered 15 packets can take up to 4 different routes to get to its destination. There it can arrive as 15 7 9 5 2 etc. The internet on that computer collects the out-of-order packets correctly assembles them and the email is complete.
Assuming Security Agencies can get your correct 15 packets from within the hundreds of billions they can get your address and the recievers address thats open because its the internet "post office" tracking data. Like cell phone calls email messages are difficult to get at and if it is achieved the data is usually out of date.
But you can be tracked :
One of the major programs that faces abuse in the National Security Agency is what’s called "XKeyscore." It’s a front-end search engine that allows them to look through all of the records they collect worldwide every day.
Anybody you’ve got email address for, any website you can watch traffic to and from . Any computer that an individual sits at you can watch it. Any laptop that you’re tracking you can follow it as it moves from place to place throughout the world. It’s a one-stop shop for access to the NSA’s information. And what’s more, you can tag individuals using "XKeyscore." Where let’s say I saw you once and I thought what you were doing was interesting or you just have access that’s interesting to me, let’s say you work at a major German corporation and I want access to that network. I can track your username on a website on a form somewhere. I can track your real name. I can track associations with your friends and I can build what’s called a fingerprint, which is network activity unique to you which means anywhere you go in the world anywhere you try to sort of hide your online presence—hide your identity—the NSA can find you and anyone who’s allowed to use this or who the NSA shares their software with can do the same thing. Germany is one of the countries that has access to "XKeyscore."
The biggest danger is the ease with which emails can be accessed on computers and on mailservers
and the cavalier way people use emailing as a quick and dirty way of communicating sometimes unknowing or disregarding the dangers.
Managing your "Top Secrets" should NEVER involve any form of emailing. CC and BCC are open ended invitations to cause you great harm if that data escapes. Malicious use of others email accounts is a favorite way of hiding criminal intent and is used to hide the perpetrator.
Now there are global difficult-to-detect "Top Secrets" communications technology's which are well suited to being confined to your Trusted Persons only. They allow them to communicate with each other in a secured environment and remain known only to the Trusted Person group.
Top of Page
Paper Storage Horror Story.
Any business who is still storing "Top Secrets" on paper is offering an open invitation to have their data abused. Even the most clever respected persons can exhibit gross ignorance and naivety when managing their very important "Top Secrets".
An Australian lawyer representing East Timor in the International Court in the Hague over a disputed oil-gas treaty in the Timor sea - had his Australian office raided by ASIO , Australian Intelligence, in December 2013 who seized his important defence documents . During the TV news bulletins over the next two days I am waiting for the backup sets of documents to surface.....I am still waiting..Should have gone to ExtremeCrypt "Doh"
If the lawyer leaves his car parked and unlocked and it's stolen there is little sympathy. The British QC for East Timor told the Court in the Hague Australia should return the documents and destroy their copies a statement he had to make but I am sure he knew was stupid.
No important documents should be just stacked on the desk or on a shelf. The best protection is offered by document storage companies but if they faulter in their duty of care eg. a fire , destruction , damage , that is little consolation to you. In extreme cases bribery might allow access to your documents. Bank vaults your office safe home safe are all options to safeguard them but paper is definitely dangerous.
Because documents contents are always readable and easily handled making sure that the least number of people -only your Trusted Persons - should handle them . They are difficult to protect because people put down folders everywhere , to get a coffee , answer the phone etc. and that can present harmful opportunities .
Anything committed to paper typically meeting minutes , dictation , casual important work notes should be entered into secured computers as soon as possible and hard copy destroyed.
Do a "Top Secrets" storage review and plan to convert and use only encrypted electronic storage.
Electronic storage Horror Story
Here we have brilliant products amateurish data security gross naivety but worldwide this is the norm absolutely not the exception. This story made me sad because it is easy to prevent.
This story starts sometime in 2011 when an Australian company found its previously healthy order book fell dramatically , at the same time specialist electronic repairers in Australia were receiving faulty hi-tech metal detectors with this company's logo , for repair. These were a lot cheaper than genuine Australian units. The repairers opened the cover of the electronic control unit to find it was not Australian - the units were returned to the company where bad electronics were discovered.
This company sent staff and their notebooks to China for business purposes. It was reported they used their Chinese hotel's WiFi and that Malware was installed on their notebooks when logged on.
Back at the Australian companies office the staff notebooks infected the servers which held "Top Secrets" in raw form IE start Word open "Top Secrets" and just read it, worse probably all IT and many others had unfettered access.
It was concluded the Chinese copied units were reversed engineered - remember the false Logo - and that a combination of hacked files and breaking down genuine units allowed the Chinese to produce an inferior copy. The Chinese needed some of the electronics design because this was the heart of the detectors world leading detection capability which the Chinese couldn't emulate. They were all being repaired rather than detecting.
The above surfaced when a story about Australian Intelligence agents drove to the company and held face-to-face meetings with the company management to tell them the Chinese had hacked them. Neither the management or the IT department had any knowledge of the hacks or any meaningful levels of server security to alert them. Australian Intelligence were involved because the company produces hi-tech military communications products also world leading so even this hi tech company exhibited a right-off-the-radar approach to its best incoming producing asset: the technical data files on its servers and they were just stolen wafting through Beijing's smog. The company went on to employ good IT and data security policies after 2 excruciating years climbing back.
Many dangerous practices are also being used to look after company data in the mistaken belief that it is more efficient , productive and cost effective. While more general data can be outsourced there are too many uncontrolled variables when giving over your company "Top Secrets" (Use Browser arrow to return) to others. The most dangerous is the legal compulsory access to all data stored in certain countries and it is not possible for you to know if your data is affected because the laws forbid all data centers "clouds" in those countries from disclosing anything to you. Not surprisingly it is possible to commit data "spying" out of everybody's sight and mind. Large advanced countries forbid all national agencies from using these facilities and large corporations also bypass them.
Because they are internet driven they are also and have been hacked and criminally abused. Your contract stipulates the they are not responsible for data loss or data corruption. Nobody releases information about mishaps but very good anecdotal evidence suggests there is not much to be gained by being part of the "cloud" in-crowd. We know that hacking and power outages are continuing problems so clients are being affected.
If you go bankrupt because you thought saving a few pennies was more important than your ongoing successful future you are not alone simply because many people discard hard logic when presented with a percieved money-saver.
The small cost of having "Top Secrets" very safe and sound up-close-and-personal means you will never be concerned about having that data on hand and never having it lost damaged stolen or corrupted. Of course only your Trusted Persons will access and use it , no outsiders , no governments no Security agencies.
Lock your "Top Secrets" . Make sure only selected IT staff are allowed to access certain servers and do random network and server room audits. Check firewalls and anti-virus software often - once a week. Now you can isolate "Top Secrets" in a dedicated locked down server which can only be accessed by your Trusted Persons using worlds best secured notebooks.
Common meeting venues Horror Story
A case in the International Court in the Hague in December 2013 East Timor v Australian Government related to a oil-gas treaty in the Timor Sea. East Timor took the action alleging the Australian Government spied during East Timor government ministers discussions in East Timor's parliaments cabinet room. They alleged the Australian Secrets Intelligence Service (ASIS) obtained access to the cabinet room and bugged the room. The Australian Government refused to comment.
It can be argued that persons (East Timorese) at that level involving confidential meetings should also be aware of the possible attempts to eavesdrop or otherwise get to their meetings subject matter.
When any "Top Secrets" meetings take place generally only selected Trusted Persons are involved so its very unlikely they will talk about them but discounting any dangers is negligent. Make sure every person who accesses any sensitive company area is double checked. It is not unknown for office cleaners hotel maids gardeners electricians to plant microphones cameras and bugs and .
The easiest policy to enact is to have several meeting venues and decide which one at the last minute
and if your company is a high risk company always ask to be told when any of your agencies is sending new staff and ask for a full background record. Practice good security and hire a reputable company to do confidential sweeps and get a record of the sweep to know what and where was swept. Its a check against the invoice as well. In the above Australia story it is believed the East Timorese did not carry out any checks for the spooks who bugged them. If your deal involves $3 billion well , You remember the Cold War : Take hot coffee to the park , turn on your dictaphone walk around and be aware of those around and talk away.
Regular social venues
Here is where the most unintended loose talk occurs. You cannot stop people letting their hair down although some are more disciplined than others you still need to cover your secrets. It is the single most important reason to implement a strict "Need-To-Know" policy because if your "Top Secrets" are distributed among several Trusted Persons but none know enough to be of any use on their own then the threat of useful leaks is non-existent. If several Trusted Persons Secrets overlap then only the very relevant areas should be shared.
Its timely to explore who your Trusted Persons should be. Obviously your senior department managers , high level technical and administrative staff will be high on the list. Some observations. Some of the most trustworthy persons are senior mature females. There are very few instances of this group performing any acts of company treachery. Over the last 20 years the overwhelming number of persons convicted , worldwide , for corporate crime: fraud spying sabotage theft has been the educated managerial level male - usually in financial trouble. If there is not an obvious place for females then place one trusted HR female and one trusted accounts department female in the group , two will form a solid presence at meetings. Mature females in the group injects a level of good debate and behaviour plus viewpoints which might add to the pool of ideas. .Thoughts of selling the company secrets are less when your male Trusted Persons are regularly chatting with wise mature females its a checks and balance thing and females read character better than males , they will detect any loyalty problems or untoward behaviour which can be dealt with before any harm. The same is true of any female dominated Trusted Person group , include 1 or 2 mature males , never confuse young bravado whizz kiddary for mature males considered arguments advice and experience .
When Trusted Persons have to travel around a country a new list of precautions have to be followed. Have a Standard user account on the notebook , nothing to do with the company network and use a very strong password at least 15 alpha-numeric characters and logon with it when the internet is being used. When using your hotel or public WiFi NEVER transfer "Top Secrets". Traveling with cell phones and notebooks needs special care. These persons will be carrying "Top Secrets" and depending on your company and its services or products you may be a target to get some or all of your Secrets. Once attention has been drawn to your company then you become a target. Targeting Trusted Persons is as easy as watching them. Sadly in todays world it is easy to get information so tracking your Trusted Person to their destination and hotel is relatively easy.
Your Persons should never leave personal documents or papers in their room , put them in the hotels security boxes and they get the key. Never leave the notebook unattended even though it is password protected AND REMOVE THE BATTERY (We tell you how) when unattended. There are many thousands of Evil-Maids worldwide who are notebook experts. Evil-Maid is an official data theft term. They are literally hotel maids who have been trained and are paid to search out and copy folders and files from notebooks , some are government employees.Never use open WiFi because of its nature it cannot provide a secure internet connection.
We have hardened non-internet global end-to-end voice, video, encrypted-file transfer tools which have not been hacked or attacked .
Top of Page
International travel Horror Story
From Electronic Storage Above:This company sent staff and their notebooks to China for business purposes. It was reported they used their Chinese hotel's WiFi and that Malware was installed on their notebooks when logged on. Back at the Australian companies office the staff notebooks infected the servers .You must also be very aware and cautious when on business in the whole of the middle east , all of Africa , Russia , Israel . Paranoia is their permanent state of mind.
Wireless Fidelity networks are fairly cheap lowish tech open space unsecured wide area networks. They are predominantly setup in public areas to let casual internet users browse. Most have time limits average 2 hours before the connection is killed. The owner - university college city company large hotels pay the bill. It is highly unlikely many public WiFi's hack the network but it is common practice in thousands of mid to upmarket hotels worldwide , and I mean worldwide. If you don't have proven notebook security tools looking after your files then don't use unknown company government or hotel WiFi networks.AND ALWAYS REMOVE THE BATTERY (We tell you how) when unattended.
As before , check before leaving that there is a Standard user account on the notebook , nothing to do with the company network and use a very strong password at least 15 alpha-numeric characters and use it when on the internet . Once your Trusted Person lands in the destination country they become subject to the hosts laws.Whilst most western countries , though caution is needed in some , they will not be hindered as they go about their business. However again if your services or products are of interest to competitors and maybe the host country government then the Trusted Person needs to excersise extreme care and caution. They are not going to come to any harm , unless you are selling 100,000 Kalashnikovs per month . but there could be excessive activity around their cell phone calls - never use the hotel's phones - and be very careful using local WiFi services - NEVER transfer files ONLY do internet surfing etc. There could also be attempts to get to their notebook's data. In some countries the hotels guests security boxes are a misnomer since local secret services have access if necessary and there are massive Evil-Maid networks in many "usual suspects" jurisdictions. We have hardened non-internet global end-to-end voice, video, encrypted-file transfer tools which have not been hacked or attacked .
ExtremeCrypt does Lock Hide Secure Your "Top Secret" Files Voice calls File transfers
Around Your Building Region The World. Our mix of leading security technologies provides the very best untouchable Stealth security and protection locally or globally and our powerful Confusion Strategies show you how to evade all adversaries ,snoopers and attackers.
Top of Page For Guidance Assistance Sales Resellers Partners Email: The Extremeteam Office RETURN
Trying to stem the tide
A 2 mins. lapse can=A $2mill theft.
"Clouds" hide the unknown
Choose Trusted Persons
Make it very difficult