Internet privacy and security course

Chapter 105

General principles of secure communication in the network

This is the first chapter. It contains introductory material whose main purpose is to get you interested in the problem of secure communication. I will begin with a story about an arrested hacker.

It was more convenient

One day, law enforcement officers managed to catch a hacker who stole money by canceling bank transfers. The essence of the criminal scheme was as follows: a transfer was made to a bank card and withdrawn, and at the same time it was canceled and returned to the sender because of a vulnerability in the system. As a result, the money doubled, which illegally enriched the perpetrators.

To carry out such operations, the hacker needed a large number of people: programmers who developed the technical part, and so-called cashiers, people who withdrew the money from the bank cards. There were also sellers of the bank cards to which the money was then transferred, and so-called couriers, who collected the money from the cashiers and used it to buy cryptocurrency for the hacker.

The hacker was caught. He was a true professional and had come up with a complicated scheme for exploiting gaps in the banking system, but, firstly, he did not encrypt the hard disk of his laptop, and secondly, he kept ALL of his correspondence from two years of preparation and “work”. This correspondence became his ticket to prison, although he persistently tried to prove in court that it did not belong to him.

But forensic experts lifted fingerprints from the keyboard and from the body of the laptop, and this was the main evidence that the computer was his. The cherry on the cake was a password that contained his date of birth, which reinforced the confidence of the prosecution.

During one of the investigative actions, the investigator asked the hacker: “Well, how can that be? Such an outstanding professional, you stole millions, you knew that they would look for you, and we got all the correspondence so simply? Why did you keep it?” The hacker answered the question simply: “It was more convenient.”

And it really is convenient when all your correspondence is at your fingertips and available as soon as you open the laptop. When you install the messenger on a new device, the messages are downloaded from the server by themselves. The same messenger is installed on all your devices, and you can reply from wherever is convenient.

But here is the problem: if security is important to you, you should keep only the minimum of necessary information, even if you are not a hacker and the banking system interests you only as a client.

 

Tip

Regularly clean out your correspondence, at least the messages that must not fall into the hands of third parties.

Open your messenger and audit your correspondence: delete everything that you consider acceptable to delete. Let this be the first step on the road to secure communication.

They won’t give out ... they already have

Probably each of us has friends who are afraid that messengers will hand over their data at the request of the competent authorities. They usually picture it like this: someone in uniform sends a request with their details, apparently their ID in the messenger, and in response receives the entire history of the IP addresses they connected from and all of their correspondence, even deleted messages, in which they scolded the authorities.

It sounds ridiculous. However, these fears actually fall short of reality: some messengers give law enforcement agencies the ability to track all users' messages in real time without any request at all, and to collect, store and analyze them.

Here is an example of such a messenger and an extract from a real criminal case (let's agree: I did not give it to you, and you did not see it).

[Image: chat]

In Russia, WhatsApp could be eavesdropped on in a similar way (at least in 2016, according to my sources). By the way, messengers are not the only ones guilty of this. The Yahoo email service at one time provided US intelligence services with access to its users' mailboxes, and when this came to light, Edward Snowden urged everyone to abandon Yahoo.


But even without this, Yahoo completely discredited itself when it allowed, and for a long time concealed, a massive leak of billions of accounts.

You don’t communicate with yourself, do you?

There is one more important point to remember: the correspondence is stored not only on your side. Your interlocutor has exactly the same correspondence, and it would not hurt to give him a link to this chapter.

And if you are not sure that your interlocutor deletes the correspondence, you should use the information-gap scheme that I described in the chapter on self-destructing notes.

Some messengers have an option to delete messages automatically. For example, in a Telegram secret chat you can choose the time after which messages will be deleted once they have been read by the interlocutor. I recommend setting the timer to 15 seconds.

This is especially important when discussing subjects and topics that your interlocutor could use in the future to blackmail or compromise you. The world knows a lot of such stories; I hope the readers of my course will never let themselves be caught in this way.
