Guest Post by Freed Radical
The government has a cybersecurity initiative called zero trust. They are mandating that user authentication methods be structured to require zero trust of computer systems and networks in order to grant access to sensitive assets. This all originates in an executive order from cybersecurity genius Joe Biden. You did not know he’s a cybersecurity genius? His dementia shtick must be a ruse. Anyway, an executive order attempts to improve security of computing systems, at least that’s what the title is about.
This will probably only speed biometric vax passports, but I digress.
The zero trust architecture has three guiding principles, as distilled by Microsoft, 1) no default access, 2) granting the minimum necessary access privileges, and 3) assuming that the system in use has been breached.
This EO has spawned a huge rush to update security infrastructure, not just within the government. Consultants and contractors are seeing $$$ as they spool up new programs, services, seminars, and certifications. I’m even receiving spam email about zero trust. The government bureaucracy is seeing $$$ as they staff up for massive expansions of privacy invasions (called multifactor authentication), and government pensions. Unfortunately, the $$$ do not exist and will come from Federal Reserve sorcery, and straight out of your pocket through taxation and inflation. But you don’t mind trading freedom for security, do you?
When reading the three guiding principles from Microsoft (formerly chaired by Bill Gates, may he live forever), it occurred to me that these principles would be excellent guidelines for our dealings with all sorts of bureaucratic blobs which we have come to distrust and despise. We as citizens need a zero trust system in place when we interact with government and these institutions. This means that we never, and I mean never, trust a government employee, representative, politician, corporate officer, or any person directly benefiting from government payments or perks. This includes most educational institutions and corporations. Unfortunately, that broad brush covers many readers, those who are on Social Security, recipients of unemployment benefits, federal and state loans or guarantees, tax concessions, etc. While I have met people who value the Constitution over their check, I can count them on a couple fingers. Everybody else is suspect.
Okay, now that 78.2% of my readers have clicked away, shall the five of us continue?
The three principles would then be as follows.
Principle 1. No Default Access
Today, the government has a view into all our dealings. Your bank account is open on the back side to government, and the IRS is hankering for even more legal access. Of course, the government has default access to all our banking activity, and always has, regardless of the law; it’s their system. Our health care records are totally exposed to every insurance company and health care provider, and the government. There are thousands of databases containing every detail of our lives, from childhood addresses and phone number to our latest purchases, and every inference they can make from such data. Hardly any of this is illegal, but it matters not because the law is a only minor factor in their system.
The zero trust architecture for my life demands I terminate default access for government and institutions. This means that I severely restrict the information I provide, and/or flavor it in my favor. For example, take the American Community Survey from the Census Bureau. Have you responded to this survey? Do you know anybody who has? Unfortunately, I never received mine, and also missed the census polling worker in 2020. Must have been out back slopping the pigs. A lot of other people filled them out carelessly, also unfortunate.
I received a letter from my locality demanding information on how much garbage I recycle. They cited a state law in the letter, looking really official, as if that law requires me to respond. I looked up the law, and the requirement is on the locality to collect the information, but it does not require me to respond. The letter went into the trash. And the follow up letter. And the one after that.
Our computing tools give government default access right out of the box. Your browser collects massive amounts of information on your interests and habits. This information flows out to advertisers, retailers, and the government. Have you taken steps to terminate this fire hose of data? Choosing and configuring the proper browser and OS, installing blocking tools, setting up your network correctly, these can help to disconnect you from the matrix. Search for resources online to do this.
Shunning credit cards and traceable forms of payment also terminates default access. Do you have barterable goods for local commerce? Some people maintain stocks of junk silver (old silver coins) to trade with local vendors. A 1960 dime is worth about $2 in FRN paper at this writing, and is a decently small unit of hard value. We must live private lives impenetrable by the system.
Do you carry out all your communications over a cell phone? All that metadata, and probably all text messages and a good chunk of voice communications are being logged. What do you think all those data centers in Utah are for? When you use the speech to text facilities on your phone, your voice and the resulting text are easily recorded on their servers for future reference. Deny them that data. Leave your cell phone at home. It’s not going to kill you to be without it for the day. Tell your otro significo where you are going and when you will be back. Buy some two way radios.
My bank started emailing me notices every month, notices containing my full name, the bank name, and a large chunk of my account number. I called to get these idiots to stop sending private information via unencrypted email, but they only whined about some federal law requiring they either email or snail mail me every month. So I change my email address in their system to some junk that bounces. So now they snail mail a letter to me, every month, complaining that they cannot email me private information in the clear over the Internet. By doing this, I’m denying eavesdroppers default electronic access to my banking information, which apparently must be broadcast in the clear once a month, by federal law.
A friend wanted me to send him something I had written. The only problem is that he has a gmail email address. That means everything I send him goes into the Google database. I refused to send it and alternatively loaded it onto a secure server for him to download. Note that the popular file sharing services are also not secure!
Deny them default access to your life.
Principle 2. Minimum Required Access
When you visit a doctor and they hand you a clipboard or computer tablet and ask you to disgorge all your medical history, do you comply? The doctor would tell you they need to know everything about your medical history, you know, so they do not feed you a prescription peanut butter sandwich and cause your throat to swell shut during your prostate exam (that would be embarrassing). Perhaps there are some critical details they need to know about you, but a lot is none of their business.
I have medical issues I have privately asked medical acquaintances about, but no one with access to my online medical records. I know that every issue I mention to a paid health care provider is mindlessly typed into my file by the “Brittney” medical assistant standing in front of me with a computer tablet, and affects my future treatment and health insurance premiums.
Buying a used car, and paying cash, I’ve had the dealership finance guy ask me a bunch of detailed questions about my income and such. I refused to answer any of them and still drove away in the car.
Employers will ask invasive questions, and I have refused their requests. Most forms you fill out these days ask for a Social Security number. Make them squeal.
Tracking is ubiquitous these days. Even cars have GPS receivers logging the travels of the vehicle. Do you know that a piece of aluminum foil placed over the GPS antenna can frustrate that logging? Search online for the location of the antenna, which has to have a view of the sky to work properly, probably through the windshield or on the roof. Same deal for the “In-Vehicle Safety and Security System” radios whose hardware is installed and active in your vehicle no matter whether you are a subscriber.
I understand that older cars and trucks are rising in demand because they contain none of the tracking baubles.
The grocery stores collect your buying history every time you scan one of their customer loyalty cards. They hold discounts hostage to get your personal information. I use a loyalty card from a dead relative, and load their database with useless information with every purchase. Yep, this guy likes cheap beer, expensive ice cream, and apple flavored hemorrhoid medication. Yep. Sure do.
Along the same lines, my phone is ringing off the hook in this election season, and every pollster gets a different set of answers. So I can’t make up my mind. Sue me.
You must know by now that every web site you visit sucks down all the personal information it can. I use a blocker called NoScript, and it shows me all the other web sites that any web page links to, with options to block them. At Infowars.com, run by liberal arch nemesis Alex Jones, NoScript shows me that his main page interoperates with both Google and Twitter. What? Alex Jones has been banned from twitter. Three years ago. But his web site still is attached at the hip to those liberals. Maybe Alex didn’t get the memo, being busy bullhorning soy boys in Austin. But many, many conservative sites are like this, showing that there’s nobody we can trust in the techno space. No, Google, you cannot have my phone number.
Deny them the flood of information they so crave, and meter out only the pittance of information needed to get what you want out of them.
Principle 3. Assumed Evil Intent
If computer geeks assume every operating system and network has been breached, and they have been breached, why shouldn’t we assume that every institution and the government itself has been breached by communists, socialists, and liberals? Of course we should. And they have.
And if they have been breached, have they been breached with our best interests at heart? Of course not. The government, health care, insurance, banks, media, and all corporate entities are in the game for their benefit at our expense. To a certain extent, that’s capitalism, which is another name for economic freedom. But most of these entities have long moved past capitalistic competition and routinely do things that are illegal, unethical, and immoral. They engage in these behaviors boldly until they are caught, then they pay the fine, hire a damage control PR firm, and move on to another scam. That’s business in 2021. The government gets free cover from CNN on every crime. And Pfizer gets to jab a billion ignorant sheep.
We must assume evil intent on the part of all these large hogs at the trough. While I may be able to trust the local farmer at the outdoor market on Saturday morning, I cannot trust the banker in whose parking lot he is standing.
The medical establishment killed both my mother and father, one through inattention, and the other through a medication side effect. Through all my interactions with the medical people I can say that most nurses seemed to care, but the doctors lose hardly any sleep over the death of a patient. Just another number. How can I trust them with my life?
Not sure if this already exists, but a profitable business model would involve medical advocacy. It would hire retired nurses, and their job would be going to doctors appointments and doing hospital rounds for their clients. They would scrutinize every prescription, question every treatment option, explain to the client in basic terms what’s happening, and have medical power of attorney to direct medical care. Everybody, and I mean EVERYBODY submitting themselves to the medical establishment needs an advocate, to monitor care and be the flesh and blood threat of a lawsuit in case of problems. Everybody.
While advocating for a relative before a serious surgery, I noted to the anesthesiologist that in a previous operation the particular anesthesia did not work as expected, and the doctor told us he would recommend something different. The anesthesiologist looked at me, bewildered, and actually asked me what kind of anesthesia we wanted him to use! Here’s somebody with 12+ years of school and residency and whatever, and he’s asking me what anesthesia to use? The best word I can use for this is incompetence. I should have told him L-hydroxymethloflintodyne, just to see his reaction.
That’s one of the sweet benefits of the scamdemic lockdowns for health care providers, where advocates were and are still locked out of facilities. Those are otherwise known as family members. The docs can do whatever they want to patients and there is nobody there to complain. Or collect evidence. This is totally criminal.
You must assume that every bill you receive is wrong, every opinion is motivated by profit or malpractice risk, every quote is high, and every word coming out of business and industry is a total lie, and everything you buy off Amazon.com is cheap Chinese junk. If the government tells the truth on some subject, it’s only because it fits their scheme to suck you dry.
Conclusion
This zero trust architecture is a good concept for computing, except for the minor issue that they will use it to strip away more of our rights. But we also need to apply it to the institutions and government. Why? BECAUSE THEY ARE UNTRUSTWORTHY. And it’s not like they became untrustworthy at some time in the recent past, they have been all our lives. The change is that now they don’t pretend to care.
Cut off default access to your life. Deny them all but the minimum information they need to do what you want them to do. And assume that their every intent is evil.
Protect yourself. Nobody else is.
Appendix
Here are some computing tools and resources to help in your Zero Trust journey. Note that some of these tools block ads, and if you are worried about the financial health of your favorite web site, like this one, then send them contributions directly.
The NoScript script blocker speeds up browsing and allows you to control what sites pages can link to.
Privacy Badger can stop trackers in their tracks.
The Pi-hole DNS server, allows you to blacklist offending domains, such as google.com, windowsupdate.com, facebook.com, etc. You do know that Windows update is really the Microsoft / AMD / Intel PC obsolescence program, don’t you?
Check out the Ubuntu Linux operating system, the Windows alternative that is easy to use for basic computing tasks. There are are also other easy Linux versions for beginners. You can download one of these to a USB stick or CD and try it out before sending Windows to the digital graveyard where it belongs. Or if you are stuck on Windows for some applications, you can run Windows in a virtual machine, using a program called VirtualBox, a computer within a computer!
Here’s a list of virtual private networks to help you remain more anonymous on the web.
The Tor browser can also help you remain anonymous.
The Brave browser is an alternative to Firefox, Chrome, and the junk from Microsoft. And it has easily accessible Tor capability in private windows. It is based on Chrome but not maintained by Google.
Microsoft Outlook and Internet Explorer (and Edge) are virus magnets and should be shunned. Use a different email client, such as Thunderbird, and do not let your email sit on somebody’s server indefinitely. Use an email client that supports encryption.
Use a password manager to create and save strong passwords. Stop using your high school graduation date and dog’s name in your passwords!
The best antivirus approach is avoidance. I’ve never gotten an STD from a crack whore. Why? Because I do not patronize crack whores. Certain sites are popular for malware distribution, such as porn, gambling, video, dating, and social media sites. Stay away from those and you’ll be safer from malware.
Never, ever, click on a link in an email. Ever. If you want to follow the link, copy the link to a text file or a browser and examine it. If it’s pointing to some goofy server you’ve never heard of, do not use it. If it has come from some mailing service, following the link will record your activity to their database. You can also sanitize the links to remove tracking information which connects you to the sending person in the web site’s database. Delete everything after the last “/” in the string and see what happens!
Note that the klowd (aka, “cloud”) is NOT secure. As with ZOOM, which has Chinese links, cloud storage is an industrial and government espionage dream come true. Do not use cloud storage. Do not let your email sit on somebody’s server, especially Google’s. Store all your email locally, and back it up regularly. To send a file to somebody else securely, use a utility such as 7zip to encrypt it.
Understand that whatever surfing you do on your phone is associated with your phone number, and your phone account. You can buy a used laptop for $50 and run Tails Linux on it, anonymously, and surf with that.
Finally, never, ever, communicate extremely sensitive information electronically. The tools above are not perfect and each has been compromised in various ways. NO computing tool is perfectly secure. Even if a message is encrypted, the recipient has to decrypt it to read it, and if that device is infected with malware then the spooks can easily copy it without knowing anything about your encryption! Face to face communications rule!
Wow! Incredible overview. I have instituted many of your recommendations. I never conduct business via that damnable smartphone, plus I spend as little as possible (Pay as you go $20 per month and a 50 buck phone) I’ll have to read up on Pi-hole DNS servers. Also on how to defeat the automotive black boxes (Any suggestions?)
Another possible mocking action…such as requests by medical questionnaires regarding your demographic….I’m a very very light black and a chick w/ a dck. I don’t smoke or drink and not depressed (Anyway, who wants to invite a Red Flag law visit?) or anything that appears data collection related versus legitimate inquiries about my health.
“While I have met people who value the Constitution over their check, I can count them on a couple fingers. Everybody else is suspect.”
Damn straight!
Excellent write-up. Definitely worth a bookmark. Thank you for posting.
As I have been saying for quite a while-
Trust no one,
Question everything.
“…apple flavored hemorrhoid medication…”
Everything was going fine until you jammed a stick in my front spokes with that little psychological booby-trap.
And I just got back from a pasture with a Longhorn heifer mounting her mother.
I guess it’s just one of those days.
For all club cards, etc. Just hum the song from Tommy two-tone, and add an area code.
(???)867-53OH9
Always works, sometimes if you time it right, you get a free sandwich (or whatever promo for card use).
I get checkers looking at me after I give ‘my’ number “Gertrude Hefflebacher?”
“Yes.” (I’m 6’9″ and 352 lbs.)
You can always get the discounts.
Great advice. I’ve lived your three principles most of my life. But then again I’m just another paranoid conspiracy theorist. Thanks for a readable and practical article.
Excellent, Freed. Thank you.
I already have Zero Trust!! Of the government.
Very useful article! Thank you!
Zero trust was actually coined by Google.
https://cloud.google.com/beyondcorp/ – they have been doing this for at least 6 years.
As for the recommendations above: a couple decent, most junk.
If you really want to understand how vulnerable you are to internet surveillance, go visit amiunique.org
This web site checks nothing more than your browser settings to see if these are unique. Most people will be unique.
And note this is just browser settings. A professional/intel agency type snooping will look at computer hardware, cookies, search history, time/date usage profiles etc in addition.
An extra bonus note for VPNs: many “free” VPNs also sell access to traffic originating from your machine to corporations and individuals. A VPN controlled by someone else means they also can insert traffic originating from your machine/IP address; this is a cheap way to offer “anonymity” since they are just disaggregating your traffic from your IP address by switching it with someone else’s. Are you comfortable knowing that your IP address could be getting used for spam, for ransomware, for spying etc etc?
And 2nd bonus note: Tor. People keep pushing Tor but fail to understand that 1) Tor was created by the US Navy for its spies to report home. It is thus from and of the gubmint. 2) Tor uses the same sleight of hand as many VPN companies, but it is already fully compromised by huge sections of the TOR processing network being operated by the FBI etc. 3) Tor wasn’t just created by the ONi, but gets huge funding from all manner of government agencies like NED. Do you really think it provided anonymity? 4) Most importantly – Tor only theoretically protects IP packets en route. If the gubmint is really out to get you – they already can access data on your computer itself via the platforms they have working relationships with. Which is to say, Google, Facebook, etc.
Zero trust is what every person capable of critical thinking feels about the government….