Device Attacks

Computer and Phone attacks

Part of the problem is the tangled mess of code on your system. There is more code than any one person can understand on a computer. You need to cover every hole in your defenses, but an attacker only has to find one.

Computers, Phones, and all other devices require multiple layers of software. Most of these layers are contained in the operating system.

The first layer of software is the BIOS. The BIOS is not part of the operating system; it lives in firmware on the motherboard itself and is what allows an operating system to boot at all. Malware installed into the BIOS is difficult to detect or remove, because it loads before the operating system and any security software running inside it.

The more layers of software there are, the more attack vectors there are against the device. Some hardware is also more susceptible to attack than others. For example, if you have a choice between connecting to Ethernet or Wifi for your internet, Ethernet is much more secure and far less likely to be snooped on by people nearby.

GrapheneOS

Phones are a higher risk than desktops because of the radio inside them that connects to cell towers. Even if you switch out the SIM card to change your phone number, the IMEI number built into the hardware cannot be changed. As a result, if your phone number becomes compromised, simply switching out the SIM card is not enough. The entire phone has to be dumped to evade state level threats.

To mitigate small time and corporate threats, you can install GrapheneOS on some phones. GrapheneOS can disable some of the older radio protocols like 2G and 3G, which helps mitigate fake cell phone towers that rely on those older protocols. GrapheneOS by default does not come with Google apps, but they can be installed if necessary.

Photos taken with your phone often include the current date, time, and your current GPS location. GrapheneOS by default will not include that "Image Metadata". You can also scrub image metadata from already existing images. Social media will often scrub this information before posting your image publicly, although they might keep that data for themselves.
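To make the "Image Metadata" point concrete, here is an added example (not GrapheneOS code, and not from the original page) that walks the marker segments of a JPEG, drops the Exif and XMP segments where the date, time and GPS position live, and reports whether a GPS block was present. The sample JPEG bytes are constructed inline so it runs offline; real photos would be read from disk instead.

```python
# Added example (not GrapheneOS code): drops the Exif/XMP APP1 segments of a JPEG.
EXIF_HDR = b"Exif\x00\x00"
XMP_HDR = b"http://ns.adobe.com/xap/1.0/\x00"
SOI, EOI, SOS, APP1 = 0xD8, 0xD9, 0xDA, 0xE1

def exif_has_gps(app1_payload: bytes) -> bool:
    """True if IFD0 of the Exif TIFF block has a GPS IFD pointer (tag 0x8825)."""
    tiff = app1_payload[len(EXIF_HDR):]
    bo = "big" if tiff[:2] == b"MM" else "little"   # TIFF byte order
    ifd0 = int.from_bytes(tiff[4:8], bo)
    count = int.from_bytes(tiff[ifd0:ifd0 + 2], bo)
    for i in range(count):                          # 12-byte IFD entries
        entry = ifd0 + 2 + 12 * i
        if int.from_bytes(tiff[entry:entry + 2], bo) == 0x8825:
            return True
    return False

def strip_metadata(jpeg: bytes) -> tuple[bytes, list[str]]:
    """Copy `jpeg` without Exif/XMP segments; also list what was dropped."""
    if jpeg[:2] != bytes([0xFF, SOI]):
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, pos = bytearray(jpeg[:2]), [], 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker in (SOS, EOI):
            # From SOS on it is entropy-coded scan data plus EOI: no metadata, copy verbatim.
            return bytes(out + jpeg[pos:]), removed
        length = int.from_bytes(jpeg[pos + 2:pos + 4], "big")  # length includes itself
        segment, payload = jpeg[pos:pos + 2 + length], jpeg[pos + 4:pos + 2 + length]
        if marker == APP1 and payload.startswith(EXIF_HDR):
            removed.append("Exif+GPS" if exif_has_gps(payload) else "Exif")
        elif marker == APP1 and payload.startswith(XMP_HDR):
            removed.append("XMP")
        else:
            out += segment
        pos += 2 + length
    raise ValueError("truncated JPEG: no SOS/EOI marker found")

def _seg(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload

# Constructed sample: little-endian TIFF whose IFD0 holds one entry, the GPS IFD
# pointer (tag 0x8825, type LONG, count 1, offset 26), followed by a null next-IFD link.
SAMPLE_TIFF = (b"II*\x00" + (8).to_bytes(4, "little") + (1).to_bytes(2, "little")
               + (0x8825).to_bytes(2, "little") + (4).to_bytes(2, "little")
               + (1).to_bytes(4, "little") + (26).to_bytes(4, "little") + bytes(4))
SAMPLE_JPEG = (bytes([0xFF, SOI]) + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
               + _seg(APP1, EXIF_HDR + SAMPLE_TIFF) + _seg(0xDB, b"\x00" + bytes(64))
               + _seg(SOS, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34" + bytes([0xFF, EOI]))
```

Note that the pixel data itself is untouched, so the image still displays; only the marker segments carrying metadata are gone.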

If you are trying to mitigate state level threats, don't have a phone, or keep it in a faraday bag. Only take the phone out of the faraday bag far away from any physical location you want to remain secure like your home.

Tails

Not all operating systems are created equally. My recommended operating system for web browsing and communication where you need the highest security is Tails. If the BIOS already has malware, Tails will be compromised too. But if the BIOS is clear and you use Tails, you are likely OK.

If there is a BIOS keylogger installed, you can get around it by using the on screen keyboard for entering passwords and other sensitive information. That way you can enter your password without touching the physical keyboard that the BIOS would be logging.

Tails is meant to be installed onto a USB stick and used read only. If you do not enable write access, then when you shut down your computer, everything you downloaded will be gone the next time you start Tails. There is a feature called "Persistent Drive" in Tails, but I do not recommend using it. Instead I recommend using a second USB stick for files you want to keep.

I do not recommend Tails for daily use, but it should be part of your communications plan for emergencies.

Physical Attacks

If a malicious actor has physical access to your machine, malware can be installed into your operating system or BIOS. Some operating systems have the option to encrypt the entire hard drive that the operating system is installed on, so you have to enter a password on boot to decrypt it. But this will not protect against BIOS malware, which runs before the drive is decrypted.

A classic example of this is a BIOS keylogger being installed on your laptop after you leave it unattended in your hotel room. When you come back and log in to a secure website such as your bank, every key you typed for that site, username and password included, gets logged. The attacker may or may not need physical access a second time to retrieve the logged keys.

I heard a story of a businessman that left a stuffed animal camera next to his laptop so he could see if anyone tampered with his laptop while he was in West Taiwan (China) on business. The video shows hotel employees going in, doing their normal thing making the bed and other hotel staff duties while talking with the West Taiwanese letter agencies snooping about the businessman's stuff.

The funny thing is, they recognized the stuffed animal as having a camera built in. Agents from TWO DIFFERENT letter agencies in the room were accusing the other of placing that stuffed animal there without notifying the other letter agency. It did not cross their mind that the businessman had placed it there.

The businessman saw the video, and what they were saying, and got out of West Taiwan real quick.

One attack vector on your laptop here is a virus installed into its BIOS. Generally this would be a keylogger, a piece of software that records everything you type. After installing it, the attacker would leave the laptop exactly as it was and come back another time to retrieve the recorded key-presses, thus gaining any passwords you used between the time the keylogger was installed and the time the logs were retrieved.

There are a couple of tricks to mitigate this, such as placing an object next to the USB ports on your laptop. The attacker would have to move either the laptop or the object to plug in the USB device needed to install the keylogger. This can be made more secure by taking a picture of the laptop and object before you leave. Then when you return to the laptop, take a second picture from the same position and compare the two.

There is an app (unaffiliated) by Clint Emerson called Photo Trap that helps you do this by highlighting the differences between two photos. It's called "Photo Trap Change Detection" from "Escape the Wolf LLC" on the iPhone app store. Keep in mind though, an attacker can use the same app to put everything back as best he can so that the change wouldn't be detected by you.
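As an added illustration of what the compare step does (this is example code, not the Photo Trap app's own code), the function below takes two same-sized grayscale frames, flags pixels whose brightness moved by more than a threshold, groups them into connected blobs, and returns a bounding box for each blob large enough to matter. The minimum blob size is what keeps sensor noise and slight lighting changes from raising a false alarm. The frames are constructed inline; with real photos you would load the pixel rows from the two images.

```python
# Added example, not the Photo Trap app's code: change detection between two frames.
from collections import deque

Frame = list[list[int]]   # rows of 0..255 grayscale values

def changed_regions(before: Frame, after: Frame, threshold: int = 40, min_pixels: int = 4):
    """Return [(top, left, bottom, right), ...] for each 4-connected blob of pixels
    whose brightness changed by more than `threshold`; blobs smaller than
    `min_pixels` are dropped so isolated sensor noise does not trigger an alert."""
    h, w = len(before), len(before[0])
    if (h, w) != (len(after), len(after[0])):
        raise ValueError("frames must be the same size (shoot from the same spot)")
    changed = [[abs(before[y][x] - after[y][x]) > threshold for x in range(w)] for y in range(h)]
    seen = [[False] * w for _ in range(h)]
    boxes = []
    for y in range(h):
        for x in range(w):
            if not changed[y][x] or seen[y][x]:
                continue
            # Flood-fill this blob to find its extent and size.
            queue, seen[y][x] = deque([(y, x)]), True
            top, left, bottom, right, size = y, x, y, x, 0
            while queue:
                cy, cx = queue.popleft()
                size += 1
                top, bottom = min(top, cy), max(bottom, cy)
                left, right = min(left, cx), max(right, cx)
                for ny, nx in ((cy - 1, cx), (cy + 1, cx), (cy, cx - 1), (cy, cx + 1)):
                    if 0 <= ny < h and 0 <= nx < w and changed[ny][nx] and not seen[ny][nx]:
                        seen[ny][nx] = True
                        queue.append((ny, nx))
            if size >= min_pixels:
                boxes.append((top, left, bottom, right))
    return boxes

def tampered(before: Frame, after: Frame, **kw) -> bool:
    """True if any region changed enough to be worth a second look."""
    return bool(changed_regions(before, after, **kw))

# Constructed 8x8 frames: a bright 3x2 "object" in front of the USB ports in BEFORE;
# in AFTER it has been moved, and one isolated noisy pixel has appeared.
BEFORE = [[100] * 8 for _ in range(8)]
for y in range(2, 4):
    for x in range(1, 4):
        BEFORE[y][x] = 200            # the object at its original spot
AFTER = [row[:] for row in BEFORE]
for y in range(2, 4):
    for x in range(1, 4):
        AFTER[y][x] = 100             # original spot is now empty...
for y in range(5, 7):
    for x in range(4, 7):
        AFTER[y][x] = 200             # ...and the object sits elsewhere
AFTER[0][7] = 150                     # single-pixel sensor noise (diff 50, over threshold)
```

Both the vacated spot and the new position show up as separate boxes, while the lone noisy pixel is ignored unless you lower min_pixels.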

Adding some lint between the hotel room door and the doorjamb as you leave is an old Tradecraft trick to see if anyone has passed through that door. If the lint does not fall because it is already on the ground, then someone has opened that door before you. If the lint does fall when you open the door after getting back, then either nobody has passed through that door, or someone with experience saw it fall and replaced it so you would not suspect. Using this trick in multiple places, such as under your object and laptop, in addition to the Photo Trap app adds multiple layers of security.

In a hotel, bring your laptop out with you if at all possible. If you must leave it behind such as to reduce the chances of being mugged, try these old Tradecraft tricks to check for potential physical attacks on your equipment.

Zero Day Exploits

One rare but serious class of attack is called a "Remote Execution Exploit", meaning that an attacker can run code on your computer without the consent of the user. These exploits can install viruses that then steal data, activate cameras and microphones, and do lots of other nasty stuff.

These are rare for a hacker to find, and if a hacker does find one and uses it maliciously, they likely won't be using it for much longer. Governments love to give hackers of this caliber a choice: work for the government or go to jail for the rest of your life. Obviously working for the government pays better.

There are some "White Hat" hackers who find these and don't use them maliciously, instead reporting the exploit so that web browsers and other software can be patched. There is a constant war between the "White Hats" and "Black Hats" creating and patching exploits in software.

In fact, the US letter agencies have employed people to exploit Tor, and other letter agencies are employing people to actively make Tor more secure because they use Tor! Your tax dollars at work.

There are ways to mitigate Zero Day Exploits, using Tails in a virtual machine is one of them. By running it in a virtual machine, even if there is a remote exploit bug in the Tor Browser an attacker also now has to break out of the virtual machine with a separate remote exploit bug. This adds another layer of protection.

Malware

Malware can also be installed by a user who thinks that they are installing legitimate software. There is no need for a "Remote Execution Exploit" if you freely install the malware yourself. For Windows, the built in Windows Defender and Bitdefender are good options. Linux has a command line tool called rkhunter, but it is beyond the scope of this document. Be careful what you install on your computer; liberal use of virtual machines can reduce the damage malware can do. I have discussed the use of virtual machines as a safeguard against malware elsewhere.

Update your software regularly; updates often close the holes that malware takes advantage of.