Basic Privacy and Anonymity Part 1 Live Webinar, 24 August 2016

[et_pb_section admin_label=”Section” fullwidth=”off” specialty=”off”][et_pb_row admin_label=”Row” make_fullwidth=”on” use_custom_width=”off” width_unit=”on” use_custom_gutter=”on” gutter_width=”1″ padding_mobile=”off” allow_player_pause=”off” parallax=”off” parallax_method=”off” make_equal=”off” parallax_1=”off” parallax_method_1=”off” parallax_2=”off” parallax_method_2=”off” column_padding_mobile=”on” padding_top_1=”8%” padding_right_1=”8%” padding_bottom_1=”10%” padding_left_1=”8%” padding_1_last_edited=”on|desktop” padding_1_tablet=”0%|5%|5%|5%”][et_pb_column type=”1_2″][et_pb_text admin_label=”Text” background_layout=”light” text_orientation=”left” text_text_color=”#303030″ text_line_height=”1.5em” use_border_color=”off” border_color=”#ffffff” border_style=”solid” max_width_last_edited=”on|desktop” custom_margin_last_edited=”on|desktop” custom_margin_tablet=”10%||10%|10%” custom_margin_phone=”5%||5%|5%” text_font=”Source Sans Pro||||” header_font_size=”15px”]


This class is geared to those who either need to learn the basics of privacy and anonymity, or who would like a refresher. Everyone has the right to conduct their affairs in private, and this Basic Privacy and Anonymity webinar class will show you how to start doing that. Whether you’re a total beginner who’s never heard of any of this, or someone who’s dabbled but doesn’t feel comfortable with it, or even if you do it all the time and just want to double check and make sure you’re doing it right, this class is for you.


[/et_pb_text][/et_pb_column][et_pb_column type=”1_2″][et_pb_image admin_label=”Image” src=”” show_in_lightbox=”off” url_new_window=”off” use_overlay=”off” animation=”fade_in” sticky=”off” align=”right” force_fullwidth=”off” always_center_on_mobile=”on” use_border_color=”off” border_color=”#ffffff” border_style=”solid”] [/et_pb_image][/et_pb_column][/et_pb_row][et_pb_row admin_label=”Row” make_fullwidth=”off” use_custom_width=”off” width_unit=”on” use_custom_gutter=”off” custom_padding=”7.5%||7%|” padding_mobile=”on” allow_player_pause=”off” parallax=”off” parallax_method=”off” make_equal=”off” parallax_1=”off” parallax_method_1=”off” column_padding_mobile=”on”][et_pb_column type=”4_4″][et_pb_text admin_label=”Text” background_layout=”light” text_orientation=”center” max_width=”86%” text_font_size=”48″ text_text_color=”#303030″ use_border_color=”off” border_color=”#ffffff” border_style=”solid” custom_css_main_element=”font-weight:900;” text_font=”Source Sans Pro||||” text_line_height=”1.2em” text_font_size_phone=”36″ text_font_size_last_edited=”on|phone”]

These skills will help you protect not only you, but the people you talk to and work with.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row admin_label=”Row”][et_pb_column type=”4_4″][et_pb_text admin_label=”Text” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]

This is Part 1 of a two-session class. In this first session, we’ll cover the following:

  • Why all of this is necessary: who wants your data, why do they want it, and what’s “data” even refer to?
  • How the Internet of Things (IoT) has made it possible for your electronic devices to track you, listen to you, and record you.
  • the Tor Browser – how to browse the clearnet and darkweb anonymously.
  • TAILS operating system
  • PGP/GPG email – the basics of sending encrypted emails and why you should “encrypt all the things!”

In the second session, here’s what we’ll be going over:

  • Secure messaging – which ones are best for privacy?
  • Virtual Private Networks (VPN) – how to connect to the internet anonymously.
  • Bitcoin Basics – how to buy and sell cryptocurrency for anonymous purchases.
  • Best practices for online activities – how to evade digital surveillance and protect your metadata.

Both sessions will have a question and answer period as well. Sessions are limited to 25 people so everyone gets a chance to ask questions.

We recently offered this class in-person as a one-day event, and it was a huge success. We had so many requests from outside the Pacific Northwest for this kind of training that we have broken the class up into two sessions, two hours each, and are offering them as a live webinar. (It’ll also be available later as an archive.)

This is an overview class, meant to introduce you to the concepts of privacy and why they’re so critical to Three Percenters and patriots. It’ll also set you up for more advanced classes we will be giving this fall that deal with more advanced functions and operations. If any of the following statements have ever come out of your mouth….

  • I’m not doing anything illegal.
  • There’s no point in any of this; the government can see you no matter what you do.
  • Go ahead and let them look!
  • If you try to be private you’re just making yourself more of a target.

you need to be in this class. You will have your eyes opened.

You get access to BOTH sessions–a total of four hours of live instruction—for $25. That not only includes both webinar sessions live, but access to them later as well so you can go back over the material.

Session 1 is August 24, from 6:30-8:30PM Pacific time. You can reserve your place and get payment info by contacting us here.

Don’t miss your chance to learn how to protect yourself and your group.


Classes update 02 AUG 2016

Hello Patriots!

As our Facebook post a few days ago hinted, we are currently developing some new classes for you.

The first will be a two part webinar of the “Basic Privacy and Anonymity” class that we first ran back in June.  This will be our first webinar experience and will be co-taught by Kit and Steve.  Since this is our first time delivering with this method, we will only be charging $25.  We’re tentatively looking at 8/24 for part 1 and 8/31 for part 2.

For the details from the last class, see:

The second class is a new one we’re putting on, answering the call for more focused communications training to help you get comfortable around radios.  We’ll be putting a heavy emphasis on listening, small group communications, and just enough theory to get you started.  This is *not* a Technician or General class, although we cover a few of the same topics.  The details are still being worked out, but it will be co-taught by Mike and Steve.  The cost will be $50 and will be at the Kingsgate Library north of Seattle on 9/17 from 1015 to 1645.  Bring your comms gear and time allowing we’ll have show-and-tell with the class.

To sign up, please contact us at  We’re still working on a way to do online payments and signup without it being a burden.

TOWR Guides: The Case for Throwaway Email Addresses

As of April of this year, there were 336,724,945 breached accounts in the Have I Been Pwned? database (yes, I suggest you go to that database and check your email addresses).  That number has since jumped to 1,307,907,501.  This means almost 1.5 BILLION people/credit card numbers/addresses/email addresses/etc. are available, and not many of them are throwaway email addresses; most of them are people’s actual, log-in-every-day, synced-to-your-phone addresses. Before you raise your nose in the air just slightly and sniff that there’s no way you’re on that list because you are careful, let me ask you the following:

  1. Do you remember every single site you have ever entered your email address, name, or any other details about yourself, since the first time you ever logged into the internet?
  2. If by some act of God you could answer “yes” to the above, do you know (and have you kept track of) every business acquisition, re-branding effort, or data sale from every site you’ve ever given your data to, for as long as you’ve been on the internet?

I rest my case. (By the way, here’s a link to answer the question “How is my data in a breach on a site I never gave info to?”) That’s not even counting all the ways that major email providers such as Gmail, Hotmail, and Yahoo already spy on you and use your information.

So what are you supposed to do about all your personal data floating around everywhere? The bad news is, you can’t take that info off the internet completely. The good news, however, is that you can keep them from getting more, and you can change some of the info you have. Enter the throwaway email. When combined with a fake name and even birthdate, you can do a great deal to mitigate the threat there. Before we get into the advanced stuff, however, let’s take a look at one easy way to sign up for things without giving away the proverbial farm.


I happen to think this option is the best for certain situations. The way it works is this: You have a site you need to give an email to in order to sign up; we’ll call that site You give literally any email address you want, as long as it ends in It does not matter what mailinator address you give them, because when sends an email to that address, it will create the address at mailinator. This means that if you want to have go to you can, without setting up an account at mailinator.

How is this possible? It’s because Mailinator has no privacy. Every single email address is public domain and wide open, and anyone can read any email sent to any address. So, if you tell to send the verification email to, you can immediately go to Mailinator and type that address in (no password needed, since it’s public) and hit Check Any Inbox, and boom, there’s the email. Any email sent to mailinator also gets deleted after a few hours, so don’t think you can go back 2 weeks from now and see that email you got, because it’ll be gone. You can, however, still use the email again, simply by putting the address into whatever site you need it for, because mailinator will recreate it as soon as the email is received. Nifty, right? The more intelligent and creative among you can probably think of some other ways to use this as well.


  • You don’t have to give any personal information. In fact, I’d advise against using your real name in Mailinator or when signing up for new accounts at all (even when you’re purchasing something, but circumventing the whole “need all personal info” thing when buying online is a whole other article and involves a bit more work).
  • No passwords or account setup are needed; you simply make up an address that you plan to use, and give that out.
  • Free. We like free.
  • Anonymous at the mailinator site (caveats exist; see the Con list for details)
  • Very easy to use.


  • Anyone can read anything sent to any email address in Mailinator. You can test this by going to the Mailinator site and checking You’ll see all kinds of emails, from spam to account resets. This means you would NOT use this for sending uncoded sensitive messages within your group, for instance (the mailinator website, in fact, points out that if you do, you’re a “stupid head”).
  • If you do need to reset your password (you use KeePassX, so this isn’t a problem, right?), you’d have to send your password reset to the public mailbox, which could be a problem. See above point.
  • Some sites may not allow you to use these email addresses since they’re known as anonymous. They don’t like when you send them fake data; they want your real data. If you find yourself in this position, you may want to ask yourself if you really need to sign up there.

Overall, Mailinator is a solid way to stop giving your personal information to every site you log into. You may even want to change some of your existing accounts to a mailinator address as well.


GuerrillaMail is another option for those who need a throwaway email. Also free, this works somewhat like Mailinator in that it’s a publicly available email inbox. Where guerrillamail differs, however, is in the scrambling of the email address, which means your email can be something like If someone knows the ID you used on the email inbox, they can access whatever is in there, so it’s best to not use or something like that.

Basically, GuerrillaMail has the same pros and cons as Mailinator, but also has address scrambling to help obfuscate your actual email (which may be something like randomname@, but show up as

The Advanced Stuff

If you’re familiar with the dark web, you may want to consider something on the Tor network as well, for sites you need to use there. (Keep in mind that Tor has its own issues, however; best practices for Tor include using a virtual machine–Qubes if you can run it–a VPN, and not using it at home or work.) Same goes for other darknets like i2p or freenet. If this paragraph made no sense to you, that’s okay for the moment; you might want to start learning though.

What NOT to Do

A lot of us have a Gmail account (or Yahoo/Hotmail/MSN etc). In many cases it’s either our name or some identifying characteristic that lets people know it’s us (mine is from back when I was an aircraft mechanic but I have had Gmail accounts that were my name too, from when I didn’t know better). It’s easy and convenient to just use that for the spam and logins but that’s a bad idea. First of all, as we have taught in our Basic Privacy and Anonymity course, the more convenient something is, the less secure it is. Secondly, if you’re using one of those emails to log into everything, then everyone who has access to your email data also has access to everything in it. Gmail, by default, is a “gigantic profiling machine,” and as far back as 2013, Google was quite clear that anyone who emails a Gmail user has “no legitimate expectation of privacy in information” because they “voluntarily” turned over information to “third parties.”

This means that if you decide to get Protonmail (a good choice) for your sensitive emails but then decide to use your Gmail for all the rest of your everyday logins, you’ve just defeated the purpose of the exercise. In fact, if you own a Gmail account, go look at your Google Dashboard and see how much information there is about you.

The Third Option

Staying on top of your privacy is a never ending endeavor. If you’re an activist or involved in liberty work, however, you don’t have another choice. As a society we are conditioned to think in terms of binary options: one, or zero. Republican/Democrat is a classic example. In reality, however, often there’s a third option that we don’t think of. When it comes to being tracked everywhere we go or having all of our purchases cataloged, it seems sometimes like there’s no way out. Either we are getting tracked (in which case, our beliefs and activities draw suspicion and extra attention), or we go all out and drop off the radar, which also draw suspicion and gets us more attention. It’s easy to feel like we’re being funneled into a no-win situation. But we aren’t, if we think smart. There are ways to turn the system back on itself.

Imagine doing any of the following:

  • Having your Gmail signed up for updates from the DNC, Hillary, Obama, and every anti-gun group there is (if you paid attention to the article on infiltration, you may already be doing this). Obviously this won’t work if your Facebook looks like a meme shrine, and most people suffer from one very exploitable weakness that will ruin this, which I’ll talk about in a future article.
  • Downloading an app that you know tracks your every location when it’s open (such as Pokemon Go or Waze), and establishing a pattern of places and times where you are known to be. Then, send your phone with someone else, in your vehicle, to a place/time in the pattern who will have the app open, tracking “you”—while you go elsewhere to meet with a contact, pick up an anonymous purchase, or check your message drops.
  • Sending yourself a lot of encrypted material at Gmail. As in, so much encrypted stuff that they have to spend resources digging into it. I prefer encrypted cat pics, myself.  While they’re digging through those, I can send other things elsewhere, through different means. Do not send anything related to your activism through your regular email. Ever. For any reason. I see a lot of emails coming to TOWR, asking for training on various topics or wanting to ask us a question related to the movement somehow. It seems like with very few exceptions, all of them are coming from email addresses hosted at Gmail, MSN, or other open provider. In fact, we’ve gotten a few that were from their actual ISP domain (Comcast, Frontier, etc.) Do not do this.

The list goes on. Be creative.

The bottom line is, you’re being tracked. We know that; it’s old news. Our job is to find ways to either dodge that surveillance, or use it in ways that let us work the system to our own advantage. Throwaway email addresses are just one of the tools we have.

Keystroke Loggers in USB Chargers

The FBI, interestingly enough, is warning private industry partners to beware of “highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards.” You think?

“If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information,” FBI officials wrote in last month’s advisory. “Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen.”

Before you get excited and think the FBI was looking out for you, take note of the following:

The FBI’s Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks. [emphasis added]

Keep in mind how simple it would be to put one in a hotel room or other public place. Do you leave your laptop in your hotel room? Extremely bad idea. And by the way…if you think that the FBI is being altruistic somehow…you’d be wrong.

Here’s another article on the Evil Maid attack type. You should most definitely read it.

One last thing. If you’re thinking about buying a Blackphone, don’t. Here are three reasons why…but there are more.

Team Security and Vetting Course

NOTE: This class has been postponed. We will post more information later.. Thanks!



The Security and Vetting course is a two-day course that prepares students to obtain the skills needed to adequately validate and verify personnel in your teams and organizations. Over the course of two days, we cover the following topics:

• Introduction to Counterintelligence
• In Depth look at the threats of CI
• Operational Security
• Conversation and how to utilize it
• Elicitation skills (and Social Engineering)
• Assessing Credibility of Personnel
• Planning and Conducting a CI Interview


These topics are a broad overview, and we will dive much deeper into each topic. Multiple exercises are incorporated into the class to make sure students understand the topics and are able to competently perform them. This course will require critical thinking and coming out of your comfort zone.

The skills taught in this class can be utilized by any individual who values the integrity of their teams or organizations and wants to learn how to maintain that security. You will be given literature we will go over during the course and you will also receive access to exclusive content that you can access after the course to keep up with your skills. As these skills can be perishable if not practiced, we provide you all the tools required to maintain success.

The course is taught by Martin, a former Marine who served as a Counterintelligence and Human Intelligence Specialist. He currently teaches this class as part of Forward Observer Magazine.

Dates: July 23-24

Location: Seattle, WA

The class is $225 per person for the whole weekend. An advance deposit of $100 is required to hold your place in the class.

Email us to hold your seat!