Home Security for the OpSec Focused - Securing Your Home AnonymouslyPosted By Joshua Unseth
Corporate surveillance is on the rise. Including in the home security industry. Whereas the industry used to be dominated by local ma' and pa' shops who couldn't care less about what you're doing and why, the introduction of megacorps into the industry have changed the landscape entirely. We know that Google and Amazon in particular, but many others as well, are deeply interested in everything you do. They want as much of your social graph as possible so that they can feed you relevant ads or sell your data to brokers who can monetize it in other ways. In fact, most of the companies we interact with on a daily basis are not particularly good at keeping your information out of the hands of people who want to buy it. It makes sense when you realize that sharing your data is essentially a consequence free (to the sellers), cash-making enterprise. But for you, the consequences can be incredibly invasive, frustrating, and even a bit scary.
Enter the rise of OPSEC. OPSEC is shorthand for Operational Security. For the OPSEC-curious, you'll know that the field is deep and wide, and, for the most part, it adds large inconveniences to the lives of those who practice it. For the uninitiated, let me define it. OPSEC is, more or less, the practice of being as private as possible. The goal of OPSEC is to be less leaky data-wise. This can encompass a whole set of complicated digital practices from installing privacy operating systems on your phones to using browsers you've never heard of, to configuring your computer's display settings, to literally running your own search engine. And, depending on the depth of your practice, it can leak into the real world. It is absurdly complicated to live a normal life that looks off-the-grid to corporations but on-the-grid to your friends.
As a Bitcoin enthusiast myself, I have taken a strong interest in OPSEC. And the inspiration for this article is a combination of things. Timing-wise, I'm writing it now, because I came across an article on page 9 of the 1st edition of "Unredacted" Magazine entitled, "I Installed Your Alarm System."
The article is a scary diary entry of a rogue installer that logs into an account and watches his customers video cameras. He obliquely explains how he does it. The reality is, traditional monitoring is rife with security problems, which can be a problem if you don't trust your company. Even if you trust them, the information leak is considerable. So I thought, I might write a guide that will allow you to leak as little data as possible.
1) Sign Up for Alarm Grid monitoring Using SimpleLogin
This service allows you to maintain some privacy with regard to your email. It disambiguates your email from your person, allowing you to pick a single email address for each service you sign up for. Or, you can use it in any other way you'd like. I, personally, use it so that no one can create a personal profile of me based on my email address. I recommend you sign up with Alarm Grid because, well, this is Alarm Grid. I also know the practices of my company. We have no interest in monetizing your data. How can you know that to be true? You can't. But take the hint here. I'm telling you how to buy an account anonymously. Trust me on this. We don't care about your data.
2) Pay for the monitoring service using Privacy.com
Privacy.com is a wonderful service that will disambiguate your identity from the card you use. You can pick any name, address, zip code, expiration date, etc, and sign up for monitoring. If you're in Alaska, but you want to tell us you're in Oklahoma, Privacy.com prevents us from finding out.
3) Sign up for any of our accounts
If you follow these practices, you can actually sign up for monitoring of any type and be anonymous. Yes, this includes, monitored accounts. When you are working with us to set up the central station, you can decide how you want each zone to behave. If you want us to call a guard service, or a police station, or no one at all, that is an option. The guard service is a particularly interesting piece of the puzzle. They are not police, and they will not publish the incident in the local newspaper. Rather, if you can find one in your location, they are a service that can receive alarm calls and will send someone out to an address to verify if a break-in is happening. If it is happening, then, and only then, would they initiate a call to the police (unless you ask them not to).
That said, the self-monitoring option puts everything in your hands. You will have an app on your phone that receives messages, text, and/or email alerts telling you what your system is doing. Again, in this app, you can give simplelogin.io emails, you can use a Jabber number if you so choose, or you can use a proton mail account if you'd like. The options are endless, and you can use the service without leaking any data.
4) Don't use cameras with an online service component
I'm not saying that no one should use cameras. Rather, if you're security-minded, and OPSEC is your priority, cameras that shoot out over the internet aren't for you. You'll want a local server, if you want cameras at all, to host your files. You can tunnel into your server from outside if you need to. This is a very typical setup.
Using these methods, you can properly obfuscate nearly everything about yourself. With Alarm Grid, no one has to come to your home. In fact, if you need security products, you could use some kind of freight forwarder to ship the items to yourself. This with privacy.com would allow you to not leak your actual address.
This is the perfect service for the security minded, celebrities, Bitcoin whales, or anyone else who simply doesn't want anything about them known to even the company monitoring their alarm. The Unredacted article paints a bleak picture about something that is completely avoidable. If you don't want your data leaked, you don't have to leak it. Following these practices, you don't even need to trust your security company, so long as they actually attach the system to the interactive service (Alarm.com or Total Connect). It just takes a bit of planning, work, and the right company.