Seriously?
How about installing surveillance equipment in your home? What OS does your phone run? What other internet connected devices are in your environment? Do you live in an apartment? Who are your neighbors?
Got any new friends recently? Do you ever get drunk? Do you always have eyes on your computer?
If a guy an the street pulls you in a corner and starts beating your stomach… how long until you tell him whatever he wants to know?
Basically: xkcd: Security
But also: xkcd: Authorization
If you’re just wondering about the term “nation state”:
In a more general sense, a nation state is simply a large, politically sovereign country or administrative territory.
In the context of cybersecurity, it basically means an adversary with big-government-level power and resources. Some people hold the view that if such an adversary is determined to get to you, there’s practically nothing you can do.
How about installing surveillance equipment in your home? What OS does your phone run? What other internet connected devices are in your environment? Do you live in an apartment? Who are your neighbors?
oh, you referred to other factors outside the laptop,
okay, i thought you still refer to the laptop.
it basically means an adversary with big-government-level power and resources.
i see, so nation state actor means, government support hacker and its resources.
in my case, I’m not sure what resources are being used.
but, even if it is nation state actor, IMHO,
it’s not something hard or difficult, for something like this to happen,
because logically, these resources must have many employees or inside persons,
maybe, someone with money & connection to inside can make it happen.
Some people hold the view that if such an adversary is determined to get to you, there’s practically nothing you can do.
I refer to one of the Snowden’s interview, he said that, surveillance is about power.
so, if someone illegally access our property, disclosing and spreading our personal information, and put us under surveillance, then IMHO, the intention is to have power and control over us.
Some more, if they use the disclosed personal information, to troll and bully us, also the intention is the same, which is to have power and control over us. I search, bully is also about power.
So, even if nothing we can do, but when someone put us, in this kind of situation and condition, then IMHO, we still have to find a way to do something, because this is not how we treat human being, and not the right thing in humanity.
Let me share, my personal understanding, about the “reason”, why I am being targeted.
I remember, that my adversary, sent and send me many hidden messages,
that if I didn’t perceive it wrongly, actually they are trying to justify,
that their digital privacy invasion, is merely just a prank.
What is my pure intention, with this post ?
What is NOT my intention, with this post ?
Can we consider, digital privacy invasion, as just a prank ?
Even if it is a prank, it doesn’t mean that all prank, are valid / legal / acceptable / tolerable.
Some prank are invalid / illegal / unacceptable / intolerable.
Especially in my case, it doesn’t happen once, or twice only, but it has happened everyday, for more than 1.5 years,
and it has consumed my free time, for more than 1 year, to struggle with everything related to privacy and security.
Imagine, someone illegally access my Laptop & smartphone, then stalking and watching everything I do,
also accessing my mic and cam, to listen and watch all my activity,
then they use the disclosed information, to troll and bully me, to manipulate and fool me, to roast me,
and to purposely misunderstood and frame me, then flood me with offensive and intrusive sarcasm,
also doxing, and gas-lighting, then unethically communicate, also unethically interfering my business, and so on,
and they don’t do it alone, but secretly inviting more and more people to do the same thing,
and it doesn’t happen once, or twice only, or 1 day, or 2 days only,
but it has already happened for almost everyday, for around more than 1.5 years.
And I have suffer many disadvantages,
time, energy, money, emotional, mental, psychology, life, privacy, security, social life, and so on,
Then they just simply, consider it as, just a prank.
In my opinion, how come continuous illegal access, and information disclosure,
followed by many evil and unacceptable action, as described above,
to this level, and to this length of time, and still happening,
can be simply understood as a prank.
What worrying me more is,
in case my adversary, is really a nation-state actor,
or maybe inside person, of important government resources,
then how come, they can be easily manipulated, by trivial reason, such as prank.
If trivial reason, such as prank, can be used, as a valid acceptable reason, to access someone’s backdoor, then does it mean, we can simply, just random choose any reason, to access someone’s backdoor, i.e. surprise, concern, suspect, insecure lover, curious friend, die-hard fan, etc, in that case, what will happen to the future of humanity.
I wish that, technology can get better, not only in performance,
but also in protecting our privacy and security.
Now, let me share, my opinion about, the difference between, spying and guarding,
in case the adversary, is using guarding, as an excuse, to justify spying.
Another reason, why they target me,
which I try to understand, from their many secret hidden message,
is because, they want to be my guard, or to guard me.
I don’t know, what make them think, that they have a right, to be my guard.
Some more, accessing backdoor illegally.
In my opinion, we can guard, what belong to the public.
That’s also limited, only if we are part of the public.
But, we cannot enter someone’s private property illegally,
and then secretly guarding everything inside.
Some more, illegally accessing all the backdoor, of all of his electronic devices.
That’s hard thing to understand, other than excuse, to justify spying only.
Now then, what are the differences, between spying and guarding …
Who own the property ?
How does someone guarding something, that does not belong to him ?
How does someone guarding something, by invading their privacy, and violating their right ?
What is the responsibility ?
How does someone guarding something, if he is the adversary ?
How does someone guarding something, by disclosing information to the adversary ?
Who delegates responsibility ? And to who ?
Who is the threat ?
How does someone guarding something, when he is the threat ?
Who reports to who ?
How it is called guarding, if the report doesn’t go to the property owner ?
What is the motive or intention ?
So, actually, there are big differences, between spying and guarding.
The only true privacy is in your mind (upon certain axioms, that is).
If you want to store state secrets on your devices I suggest you do it in a manner that only you can decode.
Has this helped>? @newbie
P.S: I store state secrets in Google Keep.
hmm, it looks like, you missed my point,
because, my last 2 posts, are not about, asking for help, or wailing about privacy.
since, i have known the answer.
but I don’t mind either, if anyone has suggestions.
my point, is more about sharing experience,
because, rather than my experience become forgotten history,
i think, it would be better, to share it with people,
so that everybody can learn.
because, in my last 2 posts,
although we know that, they are merely just excuses,
but in fact, these excuses, have managed to manipulate many people,
so i think that, also cannot underestimate.
hmm, but since you mention about privacy, so let me share my opinion,
in my opinion, privacy and security are closely related,
because i think that, the purpose of security, is to protect privacy,
because, if security does not protect privacy, then what else it want to protect ?
and what i mean by privacy here are, i.e. laptop data, password, email, etc
i decide to link my story from another thread, to this thread, for collection purpose only, so they are not scattered, hopefully it is okay.
my air-gapped laptop, also being targeted
why would anyone want to spy on you / leak your secrets? who would benefit from it?
Can you please explain what Nighthawk is? It sounds very useful but I have never heard of these system integrity check methods before.
this are just my 5 cent:
/rw/config/rc.local) and invisibility (via sudo echo /path/librootkit.so >> /etc/ld.so.preload), since even an unpriviledged user can sudo in an AppVM.QubesOS kind of mitigates the risks resulting from (1) by allowing you to seperate your data into different domains like work, private, banking, etc. If you consider doing something which might compromise your AppVM use a DisposableVM for doing so.
If you take that as a premise things actually get a lot easier. Just remove your electronics whenever you want to have a private conversation. If you want your stalker to know something (like xy is a real dick) start a private conversation about it in presence of all of your electronics switched on. If you are living in an oppressive regime you might prefer “xy is such a cool guy” with or without a sarcastic tone depending on how oppressive your legislation and executive is.
Still relate to my story above, anyone know how to explain ?
Finally, i have been using Heads, Qubes, & Vpn, for around several weeks, maybe 1 month.
Also i have Tiktok app in my Android phone, and many other apps.
Tiktok is app supplying us with unlimited amount of short videos, can keep scrolling.
What short videos displayed are random, and based on Tiktok algorithm.
My Laptop and Android phone are connected to the same wifi, but has never connected to each other.
Then, within these several weeks, of Heads Qubes Vpn,
and these are what happen:
My new self create Qubes VM name, were being displayed in Tiktok.
Sometimes, it was mentioned in the caption, username, or also in the content.
And it always happened in between the 1st to 5th short videos, or sometimes 1st to 10th.
And also the timing, for ex, after busy with 1 VM, then touching Tiktok,
then that VM name that will be displayed in the Tiktok.
I’m sure that the name i choose for Qubes VM, will not easily appear somewhere else.
It has happened 5 times, to 5 different VM name.
Also, word that i type in the vault vm, appear as content in the tiktok, at the same timing.
it happened 1 time.
File that i delete in another VM, the filename appear as content in the tiktok, at the same timing.
Happened 1 time.
I have whonix VM, just for Telegram app messaging.
then, I remove one Telegram group, because the group are discussing a topic, that i think i don’t need at the moment.
Then that topic appear in Tiktok.
Happened 1 time. At the same timing.
There is outstanding, or eye catching word i read in the Telegram, also appear in the Tiktok.
Happened 1 time. At the same timing.
I use whonix and Tor browser, also using anonymous search engine,
such as startpage, searx, metager, and always open page anonymously,
then what i search also appear in Tiktok.
Happened 1 time. At the same timing.
and all happen at the same timing, always after laptop, then touching tiktok.
and all always appear in between 1st - 5th short videos, or sometimes 1st - 10th.
within this several weeks of Heads Qubes VPN, or maybe 1 month.
anyone know how to explain what has happened, and where is the leak ?
could it be VPN app ? but i don’t use VPN for whonix and vault vm.
any idea how to strengthen the security ?
it just a few example that happen in my Heads Qubes Vpn laptop,
the same thing also happen in other laptop and phone device,
also in my GrapheneOS phone,
with similar story.
That’s creepy, indeed.
Check your monitor for a HDMI-grabber. Do you live alone? Does someone have access to your hardware? What OS version of android is running on your phone?
And keep in mind… a stalker is actually a very pitiful person. Doesn’t have an own life. Probably no life at all.
And this is actually not your problem.
And something I hope to cheer you up with… in the tv-show Mr. Robot the main character quickly understood that his sister put a HDMI-grabber between his monitor and his HDMI-cable:
Every good hacker has been hacked at least one time. Unfortunatly I can’t find on youtube what Elliot does next, but in a disposable VM without uplink that wouldn’t have been a problem. 
within these 3 days, since the last time i write,
creepy things continuously happened again:
i think the adversary, the stalking ghost,
they can see “live” all activity, in all of my electronic device,
then they took some keywords from the activity,
and triggered into the algorithm of those short videos app,
just to haunt, troll, and force me to give them attention.
yes, i think so. they judge & punish me, without i know what my mistake is.
i have written a long clarification message, about what maybe the mistake,
but seems nobody care, and the judgment and punishment keep going on.
what bother me is, actually my adversaries are not expert at all in these IT stuff,
but what attack / target me, imo are at the skill level of nation state.
so imo, they got help from nation state level hacker,
if it’s true, then i don’t know, why the nation state is willing to abuse their power,
and wasting their time to attack me,
i just an ordinary random person from a random country,
who is being judged & punished, for mistake that nobody know what is,
& definitely not law based.
i don’t find any HDMI grabber attached anywhere. can it be a hidden device ?
but nobody have access to my hardware.
i live alone in a room, but with family in the house.
All devices are targeted:
Anybody here being accessed by my adversary ?
Please kindly tell me, so i also can tell my version of the story,
so you can have both sides of the story.
Considering that, there are 3 versions of the story, my version, their version, & the truth.
U can tell me anonymously in this thread, also okay i think, so u can protect your identity.
i have spent almost 3 years, since 2020 January, the 1st time i know i was being hacked & targeted, struggle with these IT privacy & security, so sad that until now still not succeed.
Don’t jump to early conclusions. Most attackers go for low hanging fruits. That’s why I asked for the HDMI-grabber and your Android OS Version.
Now, that could very well be a coincidence, couldn’t it? I wouldn’t attach too much meaning to it.
You could try the following:
switch from a smartphone to an plain old mobile phone (there are 30-50 USD Nokia phones around) or at least uninstall all apps on your smartphone except the one most essential messenger (Facebook, Whatsapp, Threema, whatever) you use. We spend far too much time with our smartphones anyway and that might not be very healthy after all. All those Apps trigger our dopamine-system and keep us hooked. There are better things to hook your dopamine-system to, i.e. 4 years of college with a major and minor you really like. Anyway, switching off your smartphone eliminates one backchannel.
In case I haven’t written that before: it’s not your fault. No need for apologies.
burp
my adversaries, use coincidences as alibi,
to inform me about their privacy invasion,
too many codes / signal, packaged as coincidence,
being sent to me, via sms, email, videos app algorithm, also people around me,
so if we perceive it as coincidence, then they are,
but made-up / fake coincidence, not natural,
the coincidence has happened for too many times,
too many until make me lazy to note anymore,
last time i noted one by one,
it sounds like, “covering our eyes so that we don’t see the ghost”,
but, covering our eyes, will not remove the ghost,
the same as, stop watching the news so that we don’t see bad news,
it doesn’t remove the fact that the bad news has happened.
in my case, imagining what happen in the background, then 2 things happen,
1st is privacy invasion,
2nd is, adversary use the information from privacy invasion, to troll me via those apps.
so, removing those apps, will only solve 2nd issue, but doesn’t solve the 1st issue.
compared to my productive time, it is not much,
i have used Heads, Qubes, VPN, and whonix,
so far i know, there are no other solution that can go more secure than these.
but still they can invade the security,
so, imo, if we don’t solve this issue,
then does it mean that, all the work, effort, time, energy, and contribution,
of all developers behind these security system, become useless ?
I think what you experience cannot be reproduced so that’s impossible to fix it.
You probably need some live support, which would examine your hardware at the spot.
From what I can tell, you won’t find help here for the reasons above and what you are saying doesn’t confirm anything of the said is not secure…
Can we see some screenshots, any kind of evidences except your words?
@newbie please read @sven’s post again.
It is much more likely that an adversary targets low hanging fruits.
Anyway, if you ask for technical help, please provide wiresharked network traffic which you believe is exfiltrating data. This could be interesting but as long as this stays at the level of guessing in the wild it is not.
these 2 days also happened, creepy things:
yes, i think we cannot reproduce it, maybe only the adversary know how to produce it,
if i screenshot my activity on heads Qubes laptop,
then screenshot the “coincidence” that happen on short video apps, in android phone,
or “coincidence” in email inbox, or sms,
then it also explain nothing but “coincidence”,
besides, if adversary know that i screenshot,
then maybe they will not give me the “coincidence”.
maybe nice idea, but i don’t know one that expert enough to examine around me,
i can dissasamble assemble laptop only, but not sure how to examine,
do you know how to examine the hardware ? may give me some tips ?
yes, i have tried hard to find hidden surveillance equipment in my room & house,
but i couldn’t find one, other than these laptop and smartphone themselves,
seem you know a lot about surveillance equipment, ie hdmi grabber,
may tell me what sort of low hanging fruits that maybe you know ?
some “coincidences” has happened, between vault VM on heads Qubes laptop,
& short video apps, email, sms on other devices, at the same timing,
the vault VM has no Net VM, and the laptop was disconnected from wifi,
so installing wireshark in sys-net VM, probably will not capture any traffic,
in your opinion, which part is compromised ?
the OS or template ?
or maybe me cleaner doesn’t really clean Intel me ?
or maybe other firmware in the hardware ?
Can your router run wireshark?
Just a guess: your android phone.