Looking for a Lab

Seeking someone to click links for me, see where they go, and what action occurs, to help me solve some of these mysterious occurrences.

Like how I friended myself on Facebook, then accepted it. Didn’t.

Or the time I replied to the below account, then all my Followers / Following disappeared.

Help for when my blog is under a password attack.

To open and click emails that make no sense.

Or help me find clues to whoever tried to get into my domain account this week.

Ideally we can verify each other’s identity through a mutual contact. Happy to pay or barter.

See more examples for your lab here.

 

 

Things You’ve Never Seen a Computer Do

Being such a target comes from a variety of things, detailed here.

Have a good collection of screenshots like this. Here’s a few, amassed over a couple months.

When you’re done scrolling,
go change your email & bank password,
so this is not all for naught.

My phone resets itself regularly, and neither Apple nor my carrier has seen anything like it.

It turns into a brick, won’t turn on, won’t connect to any network… so I replaced the entire phone, enjoyed a few days of reprieve then, it started up again.

Below, it’s frozen on the home screen, yet still providing a HotSpot connection?

Happens often, too.

Then the logs wipe themselves. Uh-huh.

The area code 200 is non-existent.

You should hear the voicemail that came with this phone call.

An attack on my blog looks like this.

Impossible.

In 2010, a massive chunk of my calendar was deleted. That hurt, I’ve maintained a digital calendar since I was 12.

Sometimes my phone thinks it’s in England.

And far too frequently, Montreal… you eh, no surprise.

I don’t have the list that you think I do.

WiFi has been disabled on my phone. Phft, I never use WiFi anyway.

And this is why my tweets sometimes don’t make sense to you.

At the very least, work up the courage to ask me to coffee.

You know I’ll say yes. Don’t you want to know?

 

 

Packed and Moved in 3 Hours

Here’s what my condo looked like before, above is after 45 minutes. The key to doing this quickly is to own very little, and keep it organized.

I’d received a surprise call, “Keri we have a van available early this evening” so I drove downtown and went into fast-forward mode.

Pro-packing tip: since I was unprepared, I had to locate a bunch of boxes quickly. Go to your closest Dollar Store and they’ll be happy for you to take them, it’s less recycling for them.

One last downtown selfie and out the door.

Why so fast?

Remember the week I picked up the keys to my new house? That was a Friday, and I’d had my laptops and phone wiped that Tuesday. Wednesday night I didn’t sleep at home.

Returned home Thursday, checked the laptop’s logs, WTF the lid was opened at 12:47am? And a USB key inserted? It’s not a glitch, it’s a perfectly clean and updated computer. Hit the roof. This was bleeding into real life.

Put my computer and valuables on my back, grabbed a couple T-shirts and never returned. Until this day I moved.

All belongings fit into a 2014 Ford Transit van.

So there you go, 3 hours total, it can be done.

 

 

How to Clean up a Compromise

Just lifted my head. It took 3 locations, 50 km and 6 hours of laser-beam focus.

It was bad this time, really bad. Remember this from the other day? That’s me showing you barely the surface.

If you ever have to do this:

Being prepared is the key. Regular backups, and an organized file structure. Then, wipe both your computer and phone simultaneously. Otherwise, one could re-infect the other, making the entire exercise pointless.

The clean-up kicked off here.

I used to use TrueCrypt to encrypt my password manager file, but since the last cleanup a couple months ago, TrueCrypt is no longer, so I had to scramble just to get my manager open, and get at my passwords to change them. It’s always something (and this is why I’ll never endorse a security product).

Then the operation moved to here.

Change my passwords one after another, because once you start, you can’t stop. Bet I didn’t blink for 80 minutes, and I was seeing spots by the end.

80. Minutes.

And I’m very prepared for this, and very fast, seasoned.

Point is: you couldn’t do it this quickly, you couldn’t rebuild in 6 hours.

And that makes me nervous for you when this happens to you. Start to think, and operate, and organize, like you will have to one day. Because any security professional will tell you: it’s not if you get compromised, it’s when. Unlikely it’ll be this extreme and targeted, but one stupid click, on one bad link….

Because remember, cleaning up a compromise happens while under duress… palms sweaty, a scattered mind, gripping fear that my attacker will figure out what I’m doing half-way through, and take control of the accounts I haven’t yet changed. My password manager was altered a few weeks ago, it’s possible. Seems I attract the very best. L33t. I’ve wondered for a while if I’m getting air-gapped.

Scared eyes. Hand over mouth when focused, always.

One of my worst breaches…

March 2013. It was timed to happen while I was on my first international car launch with the newspaper, an already stressful situation. Just as I was about to walk out the door to dinner with the auto manufacturer, both my Twitter and Facebook accounts were compromised, both published updates not from me.

And what could I do?

I figured okay, clearly the attacker has the ability to delete everything I own, but they didn’t, so swallow the fear and go sit calmly at dinner and pretend nothing’s wrong, eat it (and certainly don’t talk about it, because if you want to clear out a room, talk about being stalked online.)

The next morning the attack continued with a phone call, as I was readying to board the plane home, informing me my cell number had been published… to my own blog.

Yup.

Back to today – crucial stuff is now locked down, my email works again. See, I’d known I’d been compromised for weeks, but having been at this for so many years I tried something new: I gave up. Fine, you’re so curious well come on in, see what I’m up to… I’m pretty boring eh, I work too much and have no friends. But then my boss couldn’t email me anymore, and now it affects the paper and not just me, so wipe and reset.

I lift my head up, breathe, look around the food court, and all these sounds and voices start to filter in that I’ve been completely tuning out. A table of old men are looking at me bug-eyed, give ’em a wink, and drive home.

To rebuild.

Back up, transfer to other computer, download and re-install my programs, rebuild my phone, everything has to be finished tonight. Memorize a couple more 30-character long passwords. It’s a bit all-for-naught though, really, because one ol’ SQL injection into my search bar…

Because I have deadlines tomorrow for the newspaper, and what do you say, “sorry! Someone’s inside my computer guys, so there’s going to be a few holes in the auto section next week.”

I’ve done this so many times I’ve lost count, 20 anyway. It’s sad I’m this good at it, really.

Of course I have a few suspicions where this started

… obviously ex-boys, and a couple other theories, which in trying to escape from, would make me appear like an anomaly to the watchers, who clearly can’t identify a false positive… ‘independent loner who, when they speak, people listen’ is enough to get your name added to a list…

If I was at all shady, or screwing around hacking people, I wouldn’t breathe a word of this, because I’d have earned this. But I never, ever have. You think I want that karma?

Targeting me is like picking on the kid at recess who’s wearing a helmet. I’ve said the same thing since the beginning – am I better at security than the average person on the street? Yes. Compared to anyone in the industry? Nope, I’m a baby, barely a script kiddie. I blog security stuff for the housewives and average user, opposite of bleeding edge. So like, really?

Imagine living like this everyday, everything you’ve built, your life, under constant attack.

Is this really an email from a reader of my column, or a trick? Why does this Twitter account look created just to speak to me? As if that 1-follower Instagram account just liked a photo from 18 months ago. Oh, my physical address has been changed on all my domains. Can’t get into my cell account online, again. In 2010, 5 months of my calendar were deleted. Notice I stopped using Bluetooth headsets? What is it about Bluetooth? That the range is 30 feet… The military should be studying me, to see how I’m able to eat this much PTSD and still function normally. If I told you how often this bleeds into real life, you’d have nightmares too.

It’s completely out-of-hand, this obsession with me. Someone wakes up everyday, for years, opens a file with my name on it, and dedicates time and energy to messing with my life, and mind.

This stuff is so draining. So I’m taking Friday off here, talk to you Monday.

Back your stuff up this weekend, get a password manager, and change your passwords.

Here’s what mine look like:   H}aU]’&cM$B=>Q(lI!3[d?2Ri