Insights For Success

Strategy, Innovation, Leadership and Security

OPSEC: What should I include in my bug-out bag

General | Edward Kiledjian

Search Google for "Bug-out bag," and you will get 137M results. YouTube has 144K videos discussing it. A bug-out bag (also called Go Bag, BOB, 72-hour kit, grab bag, a battle box, personal emergency relocation kit) is a small personal maintenance kit that would allow you to survive for 72 hours when faced with an emergency.

Most emergency agencies recommend you prepare some kind of emergency kit. Emergency Preparedness Canada has a website dedicated to building basic bug-out kits. The US Department of Homeland Security offers similar suggestions on their website.

Without going overboard, the purpose of this article is to provide general guidelines for the average Joe interested in being better prepared (not for a survivalist or extreme prepper).

Where should I keep it?

Location, location, location... Your bug-out bag is useless if you cannot quickly grab it during an emergency and quickly leave the risk region.

Your bug-out bag should be kept close to the main exit for your dwelling so you can grab it and go. 

An operational security expert will typically run several scenarios to evaluate possible calamities and what the best exits would be (it isn't always your front door). Spend some time thinking about this and place your bug-out bag close to the exit you are most likely to use (garage, front door, back door, bedroom windows, etc.).

Basic bug-out bag items

In security, you can spend a little or a lot; it really depends on your level of paranoia. Most people don't need a 200lb bug-out bag that contains $500 of survival items. So here are the basics everyone should have in their kit:

Documents

  1. National identification documents (originals or copies). These can include driver's licenses, passports, medical identification cards, etc.
  2. Keep a couple hundred dollars of cash money in different denominations (assume the electronic payment networks may be unavailable)
  3. A printed list of emergency contacts (local hospitals, police stations, family members, friends, etc) 

Personal Items

  1. A basic $20 first aid kit (from the pharmacy or Costco)
  2. A couple of litres of drinking water in sealed containers
  3. High-calorie, easy-to-eat snacks (that do not require preparation)
  4. Head covering (in case you have to walk in the sun, rain or snow). I keep a Buff multiuse scarf
  5. Bug repellent
  6. Sunblock
  7. Prescription medication, glasses and contact lenses

Communication Gear

  1. A mobile phone (if possible an extra pre-paid SIM on a different network)
  2. Hand-crank-powered emergency radio
  3. Small notebook, pen and pencil
  4. Printed local maps (street and topographic)
  5. A large (at least 20,000 mAh) external battery to charge your electronic gear. My battery of choice right now is the OmniCharge Pro

General Gear

  1. A multipurpose knife (my choice is the Victorinox SwissChamp)
  2. Flashlight (ideally something that can be charged with your external battery via USB).
  3. "Normal" candle and weather-resistant matches
  4. 550-lb paracord
  5. Handheld mirror
  6. Phrasebook if travelling abroad

The Pack

Talking about bug-out bags is like discussing religion. Everyone has strong opinions about what the "best" bag is. My recommendation is to choose a backpack (since these balance the weight better and are easier to carry over long distances).

My only recommendation is to choose something that is as light as possible while being resistant.

How to fix issues at hotels, airports and other public WIFI hotspots

General | Edward Kiledjian

A captive portal is the intercept page you see when trying to log into most free public WIFI hotspots (e.g. airport, restaurant, hotel, etc.). You are normally shown a page that collects your email and then asks you to agree to the provider's terms and conditions.

As browsers and devices (iPhone, Android, Windows, Mac, iPad, etc.) adopt more secure protocols by default, there are situations when your device may not trigger the portal webpage correctly. The browser may block redirection to the portal page because it is typically transmitted using unsecured HTTP.

In some cases, devices will attempt to detect and open an unencrypted webpage to allow the public WIFI router to inject a redirect URL. WirelessPhreak has a good technical article that discusses why newer, more secure tech is causing this issue.

Each smartphone manufacturer uses a different non-SSL webpage to detect a captive portal:

  • Google Android: http://connectivitycheck.gstatic.com/generate_204
  • Apple iPhone & iPad: http://captive.apple.com/hotspot-detect.html

What do you do if that automated portal detection doesn't work? How do you trigger the captive portal?

Enter the webpage Never SSL. If you are connected to a public WIFI (that should work) but are not seeing the captive portal, open your browser of choice and navigate to http://neverssl.com/
 

This will fix your issue and you should be bathed in warm loving WIFI Internet. 
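
The detection logic described above, as an added example that is not from the original post: it classifies the reply to either probe URL as open, captive or unknown and extracts the portal address, which is the URL worth inspecting before you type an email into it. The `portal.example` host and the sample page are constructed, and the expected open-network replies (HTTP 204 with an empty body for Android, a page containing "Success" for Apple) are assumptions about those endpoints that the post does not state.

```python
import re
import urllib.error
import urllib.request

# Probe URLs from the list above, with what each returns on an unfiltered network.
PROBES = {
    "android": ("http://connectivitycheck.gstatic.com/generate_204", 204, ""),
    "apple": ("http://captive.apple.com/hotspot-detect.html", 200, "Success"),
}
META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh[^>]*url=([^"\'>\s]+)', re.I)

def classify(probe, status, headers, body):
    """Return (state, portal_url); state is 'open', 'captive' or 'unknown'."""
    _, want_status, want_marker = PROBES[probe]
    headers = {k.lower(): v for k, v in headers.items()}
    # The hotspot answered the plaintext probe with a redirect to its own page.
    if status in (301, 302, 303, 307, 308) and "location" in headers:
        return "captive", headers["location"]
    # The expected answer arrived untouched, so nothing is intercepting HTTP.
    if status == want_status and (
            want_marker in body if want_marker else not body.strip()):
        return "open", None
    # A 200 with other content means the hotspot injected its own HTML.
    if status == 200:
        match = META_REFRESH.search(body)
        return "captive", match.group(1) if match else None
    return "unknown", None

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface the 30x as HTTPError instead of following it

def probe_live(probe, timeout=5):
    """Send one real probe; only meaningful on the network being tested."""
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(PROBES[probe][0], timeout=timeout) as resp:
            body = resp.read(4096).decode("latin-1")
            return classify(probe, resp.status, dict(resp.headers), body)
    except urllib.error.HTTPError as err:
        body = err.read(4096).decode("latin-1")
        return classify(probe, err.code, dict(err.headers), body)
    except OSError:
        return "unknown", None

# Constructed sample: a hotspot answering the Apple probe with a refresh page.
PORTAL_PAGE = '<html><meta http-equiv="refresh" content="0; url=http://portal.example/tc"></html>'
print(classify("apple", 200, {}, PORTAL_PAGE))
```

An `unknown` result (timeout, DNS failure, unexpected status) is the case where the manual plain-HTTP visit described above is the next step.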

Find phishing and malware with a simple search

General | Edward Kiledjian

A very important function of any information security team is threat intelligence. Threat intel can be a complicated and costly service in some cases, but in other cases it can be as simple as running a search. Here is a trick to get you started with the simple and cheap version.

Did you know you can find lots of "fun" phishing and malware links using nothing more than a simple VirusTotal search? Search VirusTotal for Google Storage API (precooked link). 

Go down midway on the results page and voila.

The one I highlighted above takes you to a Dropbox phishing site.

Some may not be fully formed yet. Some may already be taken down, but you can find some interesting opportunities for research.

Simple "script kiddie" level threat intel for you.

2 secrets you need to know for Amazon Prime Day

General | Edward Kiledjian

Amazon Prime Day is here and expect millions of customers to go crazy buying things they don't need. At least those unneeded items are deeply discounted, right? Maybe! Thousands of items will be sold at their lowest price ever, but that isn't the case for everything.

The internet is here to save the day again. A free online tool called CamelCamelCamel will show you the truth.

You paste an Amazon link into the search bar at CamelCamelCamel and it will show you the item's price over time.

You copy the Amazon URL into the CamelCamelCamel search bar

Then you scroll midway down the results page and notice that the current promo is actually a good deal.

CamelCamelCamel covers Amazon sites for Canada, USA, Australia, China, France, Germany, Italy, Japan, Spain and the United Kingdom.

Do you want an example of a not so good deal? Here is one for you:

Looks like a good lightning deal...

CamelCamelCamel says this item was sold in December 2017 for $53.82, a full $6.48 cheaper. This means that if you don't need this item right away, you may want to wait a bit or find an alternative that may actually be a deal.

And one more thing

I'll sweeten the pot with one more tip for Amazon Prime Day (PrimeDay) and this one is related to the product reviews. You will notice that those Bluedio headphones seem to have a good user review rating of 4/5 stars (with 273 customer reviews). Can you trust those reviews?

Enter Fakespot! As with CamelCamelCamel, you copy the Amazon product URL into the Fakespot search bar and you are presented with a review reliability score.

Fakespot isn't perfect, but it is a great way to quickly determine how much trust you should put in the user reviews. Notice above that the analysis is old. If you see the ReAnalyze button, press it and wait until you get a new rating.

When I tested Fakespot with these on-special headphones, the user review rating improved from an F to a D. 

The moral of the story is that you will probably find hundreds of great deals worth the asking price, but make sure to perform your own due diligence using CamelCamelCamel and Fakespot.

Google Chrome's Spectre Mitigation is consuming 10% more RAM

General | Edward Kiledjian

Google Chrome has always been a resource hog, but you may have noticed it's been consuming just a little bit more RAM lately (on your desktop).

This new, more demanding Chrome is the result of Google's Spectre mitigation efforts. The Google Chrome security team has enabled site isolation by default (in Chrome v67 for desktops). Justin Schuh, head of Google Chrome Security, explained that site isolation separates each website into its own process, thereby preventing a malicious tab from stealing data from another.

When Site Isolation is enabled, each renderer process contains documents from at most one site. This means all navigations to cross-site documents cause a tab to switch processes. It also means all cross-site iframes are put into a different process than their parent frame, using “out-of-process iframes.”

Don't expect to see this update on the Android version anytime soon; the resource consumption requirements are too high (for now).

Chrome is obviously my browser of choice, but I have been concerned about the amount of resources it requires, and this move (although right from a security perspective) further pushes Chrome in the wrong direction.

Additional reading: