Portable Dvd Burner For Laptop


Desmond Hutchins

Aug 5, 2024, 3:00:49 AM
to tungsemari
Could you share some operational security tips for using such a "burner" laptop? Clearly the point of having such a laptop is to avoid spreading an infection back to your main systems after the cons; but there are also some sticky tradeoffs that could arise when actually using the laptop to do real work, such as:

* How do you transfer work files back from the burner laptop to your main systems after the con? Connecting to your home/work wi-fi or VPN, or using an SD card/USB drive to transfer files, could potentially expose your main systems to attack if we assume the burner laptop was compromised.



* Do you use "burner" online accounts and passwords as well to prevent their credentials from being keylogged by a presumed hack of the laptop at the con? Or are you confident enough in 2 factor auth to protect you from that? And/or do you change all passwords you used on the burner laptop when you're ready to "burn" it?



* How do you intend to dispose of the burner laptop after you're done with it? Reformat the drive? DBAN it and send it out for recycling?



* More generally: what is the specific threat model you have in mind that this burner laptop is intended to protect against? What kind of attacks/malware are you trying to isolate your main systems from? Are you concerned with "advanced" attacks like BIOS/firmware-resident malware, etc.? That's the only reason I can think of to actually buy a purpose-built burner laptop instead of just reformatting one you already have before/after the con. Maybe I'm missing something here?



Thanks in advance - this was a great article and I (surely others as well) am curious to learn more about the operational security considerations this is intended to support.


Wow I just got the same laptop and installed the same things. I also have GlassWire Pro installed, for added detective capabilities.



Also, I used win10pcap.org and tested with Wireshark, so I did not install the third-party pcaps that ship with Wireshark. Thus, I didn't run into the VirtualBox conflicts you did.



I like it because I can test out the various attacks from both Windows 10 and from Kali in a single $200 laptop -- so it's a different type of burner for me (and I'm not going to BlackHat US or DEF CON). I take my iPad Mini LTE with Algo to DO and Authentic8 Silo when in hostile environments. I have a Clamcase for the iPad Mini and it's not too-expensive for a more-permanent solution.


I would actually go for a Chromebook, not for security directly (it isn't Windows), but unless you are using some Microsoft-specific macros you can do everything in Google Docs. Battery life is even better than Windows 10 and you do not have to throw the device away and buy a new one every year.


A few years back I took a similar route, with a Lenovo ultra-portable. Same limitations wrt the CPU, but it works well enough.



I got around the storage limit by permanently putting a microSD card in the onboard reader. Using some trickery I managed to boot Kali from the uSD, while leaving Windows 7 intact on the internal MMC.





Security researcher Georg Wicherski recalls a friend who was once stopped at the airport on his way to the Black Hat hacking conference. Security took his laptop, supposedly for a routine X-ray, but it seemed to be taking too long. He suspected something more nefarious: airports are an easy place for authorities to place malware on seized equipment.


That's one of the reasons that inspired Wicherski, who works at cybersecurity company CrowdStrike, to modify a laptop in such a way as to make it difficult for adversaries to install malware on it, even when they have physical access to the device. Wicherski presented that research at the t2'15 infosec conference in Helsinki on Thursday.


Wicherski took several different Chromebooks, and instead of using the native ChromeOS, replaced it with Arch Linux. Linux generally allows for greater customization, from the applications available to how the operating system itself functions. Arch Linux is one of very many freely available versions.


From here, he added Coreboot, a piece of open source software that allows a user greater control over the boot process of the computer, so they can make sure that no malware is surreptitiously modifying the procedure, as well as a few other tweaks.


Wicherski said he chose Chromebooks because they're pretty cheap, widely available, and compatible with Coreboot. They're so cheap in fact, that for many people "if you're really concerned something happened, you can just throw them away," Wicherski said.


These customizations make it difficult for an attacker to use any sort of turnkey solution, presenting a barrier to any off-the-shelf equipment attackers might use. At border crossings, Wicherski said possible attackers might have "an appliance, that comes with a manual, and low-skilled operators." By using a setup that is not very common, the border cops might not know what to do.


When combined with the Coreboot changes, this makes the boot process more secure overall. "By using Coreboot, which is really the first thing that executes on your CPU, and taking control over the computer as slowly as possible, then employing cryptographic signatures at every stage from thereon, it is much, much harder to develop an implant," he said.


Possible users of such a device could be hackers or technologists who focus on surveillance issues. Wicherski highlighted that the NSA has a particularly nasty capability of tampering with a computer's boot process in order to persistently access a hacked laptop. He pointed out that some regimes target political activists and journalists with malware too, and that commercial espionage is also a possibility.


But it's worth making clear that Wicherski's method is very technical: it requires physically tinkering with the innards of the laptop, and a decent understanding of tweaking a computer's boot procedure.


And it isn't a silver bullet solution. "This only protects against software and firmware implant deployment at borders, [and] it mitigates some hardware implants," he explained. "You still have to encrypt your communication; you are still vulnerable to software exploitation."


This intel aims to guide civilians through the process of setting up and using a burner laptop, a device unconnected to your true identity and free from any trackable purchase history or personally identifiable information.


Use public Wi-Fi networks and connect via a Virtual Private Network (VPN). Never use personal or work Wi-Fi networks, as they can be traced back to you. For an added layer of security, consider using The Onion Router (TOR) network.


The Burner Laptop Method is not just tradecraft reserved for NOC covert operatives but a practical approach to digital security for the informed civilian. By understanding and employing these principles, you can navigate the increasingly treacherous waters of modern digital life with the skill and discretion of a seasoned field operative.


In covert operations, the objective is often to secure, manipulate, or disseminate information with minimal exposure to oneself. Tradecraft techniques extend not only to human interactions but also to digital engagements.


Buying the laptop in cash is paramount. The objective is to have no financial trail connecting you to the device. Do not use credit or debit cards. Additionally, be aware of security cameras that can capture your face purchasing said laptop using cash, which could be used to track / identify you.


After the operation / purpose is complete or if the integrity of the burner laptop is compromised, it must be disposed of securely. A two-step process of data wiping followed by physical destruction (think: hammer, or for a more incendiary approach, thermite) ensures that the laptop, hard drive and any residual data are irrecoverable.


A burner laptop can be an invaluable asset for covert operatives engaged in high-risk digital activities, an indispensable tool in modern-day tradecraft, offering an unparalleled level of digital anonymity and security. Its operational advantages are manifold, but its effectiveness lies in meticulous planning and disciplined execution.


I know you're judging me hard. Yes, I prefer all of my other technology to be cutting edge. But give me a chance to at least try to explain why a shitty Chromebook is one of my best-kept secrets, and why you should consider getting one for yourself.


Let me get this out of the way: Google owns all of my data. Between Gmail, Google Maps, Google Keep Notes, Google Assistant, and on and on, Google has collected mountains of information on me. It's, quite frankly, really scary.


Generally, I wouldn't call myself a paranoid guy, and I'm honestly not doing anything illegal (at least I don't think I am?), but I do worry from time to time about whether my computer is being watched without my knowing it.


I know it's not foolproof, but I feel a little more comfortable with a piece of tape covering all of my laptops' webcams. I use Chrome's incognito mode whenever I don't need access to my personal Google data.


I also do all my personal banking via my phone and only over LTE, which is a more secure connection than WiFi. No, I almost never use public WiFi (you're just asking to be snooped on), and yes, my home WiFi network is locked down like a bank vault with a password so strong I can't ever possibly remember it.


Also, using a Chromebook means it's almost impossible to get a virus. Just about everything within Chrome OS is sandboxed, and viruses designed for Windows and Macs usually have no effect on Google's OS.
