Twitter | Search | |
the grugq
Security Researcher :: Cultural Attaché :: g@comae.io :: PGP :: Не верь, не бойся, не проси :: you can’t fight a meme with an exploit
271,464
Tweets
353
Following
97,973
Followers
 
View more photos
Tweets
the grugq 2h
Replying to @krnlpnc_
I haven’t. It is a minefield I’m not sure I want to enter. Each Linux or BSD box is essentially unique. There’s no way to make general statements. • Disable gpaste -> “don’t even use gnome! I have i3 setup to..” You know?
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
Traveling to a third party country for meetings is usually considered much safer than in country meetings. This method only really works if there is freedom of movement for the spy. Restrictions on Ames’ travel meant only official business travel (as cover) was safe. Narrator:
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
Honestly the only security lesson here is to not make international phone calls to discuss the details of your secrets KGB spy meetings with your wife.
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
“And When is your next meeting with the KGB? Do you know where you’re going? Make sure it’s a good destination for you, you know how you get...Lima? Lima?! You could get killed! No, go to Bogota again.” Rick: ok ok ok. I’m getting the money, ok? Geez
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
“Be careful...and seriously, nothing went wrong? You don’t sound so sure. Don’t lie to me. Ok. Ok... so, you got everything all set for you meeting tomorrow? What is the plan for tomorrow?
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
Is there backseat spying? Is that a thing? I feel like that should be a thing. “Did you go to your KGB meeting? How did it go? When did you get back? Don’t ask my mother, it’s not her job to keep track of your KGB meeting! I’m worried your screwing this up. Are you?”
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
but really it is far worse than a simple story. The addition of unnecessary details makes it more complicated to keep straight, there are easily checked elements that can destroy to cover, and so on. Aspire to self evident covers.
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
Therefore a simple cover like “he’s in Annapolis” is better than “he has a doctors appointment in Annapolis and then he’ll stay overnight at a hotel to recuperate before coming back in a couple days.” That cover story might appeal by seeming plausible and explaining everything,
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
The beauty of a simple cover like this is that it is “self evident,” the story is built in the mind of the observer. “Why is there an old man at the dock with a fishing pole this early in the morning?”... the cover story is constructed by the observer from the context.
View conversation · Reply Retweet Like
the grugq 3h
Replying to @thegrugq
Constructing a good cover story can be hard. Ames creates a good one for his wife to explain his absence if somone calls. It is good cover: not elaborate; easy to remember; mundane; smooth, no specifics or details, and hard to verify (except for the paper trail to Colombia).
View conversation · Reply Retweet Like
the grugq 4h
Replying to @MaryniczTed @Cyber_Cox
Slow down there speedy, you’re getting ahead of the class! ;)
View conversation · Reply Retweet Like
the grugq 4h
An old OPSEC list. By “isolation” I meant physical compartmentation. The concept is to put all the stuff for one compartment in the same place and have it separate from other compartments. As simple as a specific bag for your work laptop and related stuff vs your personal laptop
View details · Reply Retweet Like
the grugq 4h
Replying to @Crimealytics @WylieNewmark @imelven
I’ll move it up, but right now I’m elbow deep in deception and propaganda stuff, don’t think I have capacity to give it the attention it deserves.
View conversation · Reply Retweet Like
the grugq 4h
Replying to @johannvonbored @imelven @WylieNewmark
It’s on his medium, if you google for it.
View conversation · Reply Retweet Like
the grugq 4h
Replying to @WylieNewmark @imelven
Ego can be a big reason for a spy. Thinking they’re smarter than everyone, or having a secret that makes them special, revenge against being screwed by work, or for the thrill. So narcissism fits in.
View conversation · Reply Retweet Like
the grugq 4h
Replying to @ericghill
Proves they’re secretly communists
View conversation · Reply Retweet Like
the grugq 4h
Replying to @WylieNewmark @imelven
When I get to it. I’ve got a 200+ “to read” list right now.
View conversation · Reply Retweet Like
the grugq 4h
Replying to @devonrevenge
Yes
View conversation · Reply Retweet Like
the grugq 4h
Replying to @imelven @WylieNewmark
Haven’t read it.
View conversation · Reply Retweet Like
the grugq 4h
Replying to @thegrugq
My favorite part so far is just his wife nagging him about contacting the KGB like he forgot it to put the recycling out. “Is it that hard? Why didn’t you do it today? Tomorrow is already the 13th! You know what, fine, I’ll do it.” Narrator: He does it. At 6am.
View conversation · Reply Retweet Like
Load older Tweets