Initial commit: HPR Knowledge Base MCP Server
- MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Lee Hanken
256
hpr_transcripts/hpr0771.txt
Normal file
256
hpr_transcripts/hpr0771.txt
Normal file
@@ -0,0 +1,256 @@
|
||||
Episode: 771
|
||||
Title: HPR0771: Mischief Managed
|
||||
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0771/hpr0771.mp3
|
||||
Transcribed: 2025-10-08 02:09:07
|
||||
|
||||
---
|
||||
|
||||
.
|
||||
Hi, my name is Gordon Sinclair, I'm known on IRC as Thysolweb.
|
||||
Now, this HPR episode is about customs.
|
||||
It's about how to get your laptop, your netbook through customs
|
||||
with your data at the other side and effectively hidden from the copyright
|
||||
cops. Sorry, the customs officers who are these days basically working at the
|
||||
behest of the entertainment mafia and who have all sorts of rights and
|
||||
excuses to go rifling through your private data looking for downloaded MP3s and
|
||||
movies and stuff like that. So you've got different ways to do it.
|
||||
The last thing you want to do is to try to pretend that the laptop
|
||||
isn't working. I'll never buy that. What you've the idea is to cooperate
|
||||
and let them see what they think is everything when you know it's not.
|
||||
So you've got different ways to do it. I think of this as the
|
||||
security when you walk through the metal detector, your
|
||||
luggage goes through separately when it's actually adding stuff like that.
|
||||
And there's certain there's the security customs officer there and
|
||||
obviously the things like your keys will trigger the detector.
|
||||
You take them off and you go through again. So you've got to find a way to
|
||||
get your data from one side of this barrier to the other while keeping it
|
||||
hidden or keeping it away from the customs officers. So there's different
|
||||
ways to do this. You've got the first one is using some sort of cloud
|
||||
service whereby you upload your home folder to some cloud service.
|
||||
And then once you're through customs, you go through with a blank laptop
|
||||
or a blank netbook and you get your hotel at the other side,
|
||||
you connect then on it and you download it all from that server.
|
||||
And then they say the reverse on the way back as well.
|
||||
Before you're ready to return home, you connect to that server again,
|
||||
upload your home folder again, delete it and come through customs,
|
||||
download it when you're back home again. Now there's issues with that.
|
||||
If you're a business traveler, then that's less of a hassle because
|
||||
chances are it's going to be your company's server you connect to and
|
||||
it will be your, it will be secure, presumably it will be secure,
|
||||
the connection will be secure and the cost of uploading through wireless
|
||||
dongles or whatever, local connections, that's all going to be covered by your
|
||||
company. The issue here is for home users, for domestic users,
|
||||
when you take your machine on holiday with you, then you're looking at
|
||||
something, most likely it's going to be a third party cloud service like Amazon
|
||||
or Google or God help you, Microsoft, some server somewhere.
|
||||
But the problem with that is you're putting your own personal,
|
||||
excuse me, your own personal data onto a third party server.
|
||||
There's all sorts of privacy concerns with that.
|
||||
It will be mined for all sorts of information about you so that they can then
|
||||
target you with other services and you know, Google put, Google
|
||||
have algorithms to scan inside your Google Mail to pick out keywords and
|
||||
inject RVERS based on those keywords. It's not a human being but it is
|
||||
still an algorithm that's helping to build up a profile on you.
|
||||
So that's one concern is that it's, you're putting your private stuff in
|
||||
that cloud, a third party cloud, it's not entirely private.
|
||||
The second issue is with that is once you put it in the cloud,
|
||||
a lot of the cloud solutions are American based.
|
||||
So as soon as you put it there, the various departments of American
|
||||
government then decide, oh, that falls under our jurisdiction.
|
||||
It's a company on our soils, a server on our soils registered as a dot com.
|
||||
We have legal access to that and they don't even have to ask you if
|
||||
the third going for a fishing expedition, they want to find out what data
|
||||
they have on a user. They can just go to Amazon or they can go to Google or
|
||||
Microsoft or whoever the provider is and they'll roll over and sell you
|
||||
out essentially and you'll never know about it.
|
||||
So that's another concern. The other one, if you can get around
|
||||
that, I'm assuming you don't have anything that's really that troubling.
|
||||
If you can get around that, the other concern is about cost because if
|
||||
you're going on holiday, you don't want to be, you're not going to get a
|
||||
quote value for money on quote, ISP package when you're across in this in
|
||||
this country. If you're only there for two or three weeks, then you're
|
||||
going to buy a local ISP's Dungle, USB Dungle. If I go to America, I'm not
|
||||
going to, I'm not going to sign up to a two year contract with AT&T.
|
||||
I'm going to buy like a year of paying gold, USB Dungle.
|
||||
That's a throwaway thing that I'm only going to use it and maybe top it
|
||||
up if I have to and it's a throwaway thing. So when you're, if you have
|
||||
to download your home folder through this, this USB Dungle per megabyte,
|
||||
that's going to be expensive or it could be expensive. And then the same
|
||||
worth going for putting it back up the way before you come back home again.
|
||||
The other concern with that is if you're asked by a customer's
|
||||
officer to open your laptop and your network and switch it on and log in,
|
||||
which is the whole point of this episode is how you can do it without
|
||||
keeping your private stuff intact. So if you're going to be asked that
|
||||
anyway, then it looks suspicious. If you've got an empty laptop with nothing
|
||||
on it, it looks suspicious. And that's, these people are looking for
|
||||
any excuse to, to huckle you away at the side and call you a terrorist
|
||||
or whatever and use all sorts of powers to seize and do a
|
||||
do-hole forensics on your, on your machine. The whole point is you
|
||||
want to go through and let them see everything or at least what they
|
||||
think is everything. So going through with an empty laptop would
|
||||
raise suspicions. You'd at least be asked why. Now you could get away
|
||||
with it for a company. They say, look, this is a business laptop.
|
||||
It's company policy that we don't have any sensitive information on
|
||||
here that we be forced by all sorts of data protection laws to keep
|
||||
consumer data secret and all this. You can use all that for a
|
||||
corporate, but you're not going to get away with that as an individual
|
||||
holding maker. So that's the cloud. And what I mean by a cloud is
|
||||
basically a server somewhere. You could have your own FTP server
|
||||
or whatever. So it's just the idea of putting it up to some other
|
||||
server and back down has its issues. The other way to do it or
|
||||
an other way to do it would be to have a decoy user account.
|
||||
Now for this, it would mean that you would have to make sure
|
||||
your login manager does not show the user list so that when you're
|
||||
asked by a customs officer, could you switch your machine on and
|
||||
log in please? Certainly officer, not a problem. And you can log in
|
||||
with the fake username and the fake password. And for that, you
|
||||
would have to prepare it beforehand. Prepare the account beforehand
|
||||
to make it look like a regular lived in home rather than a show
|
||||
home. So for that, you could do a lot of things, excuse me.
|
||||
You could do a lot of things like going download a few
|
||||
podcasts, a few creative commons, audio books, create a few
|
||||
fake documents, word documents that are like, you know,
|
||||
let us do your local council or something to say or the
|
||||
trash hasn't been collected. I'm paying my taxes. What's
|
||||
all this? So do stuff like that. Prepare it in advance. Change
|
||||
the wallpaper. Have things open by default, like a media
|
||||
player owned by default. Have your web browser, bookmark
|
||||
some pages, some YouTube videos, some flicker pages, some
|
||||
blog posts, subscribe to a few RSS feeds. You get the idea,
|
||||
make it feel like a genuine home so that it looks authentic
|
||||
when you sign into it. Now, because if you've, you've always
|
||||
got the possibility of when you log in, there's a lot of RSS
|
||||
feeds that are marked as fresh. They've not been read yet.
|
||||
You might think that would look suspicious. I don't agree.
|
||||
Because you've always, especially with a netbook, you've always
|
||||
got the argument of, well, you know, and if there's updates
|
||||
as well to come, you can always say, well, look, I've
|
||||
actually got my regular laptop, when I'm at home, or my regular
|
||||
desktop, when I'm at home, my netbook only gets used to
|
||||
in a trouble. So it can be switched off for months and
|
||||
months at a time, and then just charged before a leaf home
|
||||
when I go on holiday. And that's just the condition it was
|
||||
in the last time I switched it on. I sometimes remember to
|
||||
switch it on every two or three weeks and do updates.
|
||||
Sometimes I don't. It's no biggie, really. So that's
|
||||
very, very plausible in that situation. So that's one,
|
||||
that's another way that the issue I see with that, though, is
|
||||
when you, when the whole point of this is to let the
|
||||
officers give the officers full cooperation, and the thing
|
||||
with that is you cannot rely on being the one that clicks
|
||||
around in different places. You've got to be able to stand
|
||||
back and let the officer go, wherever they want to go, if
|
||||
they want to click on something, they click on it. It's
|
||||
entirely possible that they would go in the file manager,
|
||||
they would click on up from the home folder, which leads
|
||||
you to seeing the home folders for every account on the
|
||||
install. So with that, it's just a double-clicking in
|
||||
another folder and they're into your private stuff that
|
||||
you're trying to sneak past them. So that defeats the
|
||||
purpose. That's the flaw in that plan. The way there's
|
||||
another way to do it as well. And that is to have a decoy
|
||||
distribution. Now, if you go traveling quite a lot, it
|
||||
would be worth actually setting your laptop up and your net
|
||||
boot up like this with a decoy distribution. And for that,
|
||||
I would say don't go with a known distribution or a KDE
|
||||
distribution, not because they're bad, but because features
|
||||
in Nautilus and I believe Dolphin as well, would actually
|
||||
count against you here. When I don't use Dolphin very
|
||||
much, so as far as I remember, this happens in Dolphin as
|
||||
well. Nautilus, it picks up partitions that are on your
|
||||
disk and it helpsfully mounts them and puts them on the
|
||||
sidebar, which is great. It's really handy, but in this
|
||||
case, you don't want that because the officer is just a
|
||||
click away from your home folder, your real home folder, which
|
||||
is the whole point of trying to hide that. So I would suggest
|
||||
going for something that's light, that doesn't use Nautilus
|
||||
or doesn't use Dolphin. Thunar is a good bit, so something
|
||||
like that XFCE or even CrunchBank uses Thunar as well.
|
||||
So if you set it up to dual boot and put your
|
||||
your main distribution as you would normally install it,
|
||||
believe say a 10 gig partition at the end of the drive for your
|
||||
decoy partition and install whatever that happens to be,
|
||||
it might be CrunchBank, it might be something else.
|
||||
And put that on the remaining 10 gig. And again, the same
|
||||
thing happens, the same thing applies, make sure that you
|
||||
prepare it in advance, change the wallpaper, set up
|
||||
bookmarks, RSS feeds, some decoy documents, make it
|
||||
look like a genuine home. And then when you're asked to
|
||||
boot up the laptop, well you've got something to go into
|
||||
that's not going to see and not going to mount your normal
|
||||
stuff. So the problem, the next thing is here, well, if
|
||||
you're dual booting, then surely the, you would get the
|
||||
grab menu in the office or would see that and see that there's
|
||||
two operating systems and would want to see both. Well,
|
||||
here's the trick, if you install, make sure grab is
|
||||
controlled from the decoy operating system. When you are
|
||||
about to go on holiday, when you're about to travel and you
|
||||
know that you might get built out of line and being asked to
|
||||
switch the machine on, what you do it basically is log in to
|
||||
the decoy operating system, the decoy distribution, you
|
||||
know what, you could even do your updates and better before
|
||||
you, where we are there. But open up grub and change a couple
|
||||
of things in the grub file. So it would be pseudo space,
|
||||
G-Edit space, slash boot, slash grub, slash grub.cfg,
|
||||
that will open it as root obviously and needs to be root
|
||||
with G-Edit and use your editor of choice. And the two
|
||||
things you're looking to change here, first of all is the set
|
||||
default equals zero. That means that it's, it's always the
|
||||
one that's right at the top of the list that ensures that when
|
||||
you get a new kernel, it boots into that because that appears
|
||||
at the top of the list. Now, if you count down the number to
|
||||
the one that's the actual decoy and set that as your default,
|
||||
obviously it starts at zero. So if your decoy is fourth
|
||||
on the list, then that would be set default equals three,
|
||||
zero, one, two, three. So you might need a bit of trial and
|
||||
error to get the correct default as your decoy one is a
|
||||
default. So I would set that first and then reboot,
|
||||
don't touch it, I'll let the timer count down and see where it
|
||||
goes. Once you've got the right distribution or the right
|
||||
one, then go back into grub again and change the next thing
|
||||
you're looking for is the timer. So it's set timer equals five
|
||||
or ten or whatever that's in seconds. So change that to zero.
|
||||
And if you do this, since you do that, you don't see grub.
|
||||
The next time you reboot, you don't see grub, it goes straight
|
||||
in your default, as if that's the only thing on the
|
||||
disk. So that's basically it. When you walk through
|
||||
customs and you're pulled out a line, could you power your laptop
|
||||
off, please? Certainly, officer, not a problem. And you power
|
||||
it up, your grub doesn't show it goes straight in the decoy.
|
||||
You sign in, as you'd expect to sign in and happily stand
|
||||
to the side and let the officer click away to their hearts
|
||||
content. You are in the model of a cooperative citizen known
|
||||
fine well, that your data is actually on the machine
|
||||
they are touching, but they'll never see it. It is basically
|
||||
invisible ink. The other way to look at it, I'm not the
|
||||
under the whole wall analogy, is it is the tunnel underneath.
|
||||
Excuse me, it is the great escape. As your data travels
|
||||
underneath their feet, and they are completely oblivious to
|
||||
it. So that's that's how we do that. The other way you can
|
||||
do with grub is have it to automatically reboot into the
|
||||
last used, the last used install. I wouldn't trust that
|
||||
because just in the off chance that you forget which one was
|
||||
the last one and you end up booting into the real partition
|
||||
you're left with no choice, but they'll log in and give away
|
||||
all your data. So I wouldn't do that. I would certainly
|
||||
set a fixed default and do that. So that's it. If you are
|
||||
regularly going through customs, you can get your stuff
|
||||
assuming you can keep a straight face known that the officers
|
||||
are completely oblivious. You can get your private stuff
|
||||
through customs right under their noses and they'll be
|
||||
done the wiser. Obviously it's not going to do anything for
|
||||
forensic searches, but the whole point is you are the model of
|
||||
cooperation, so they have no reason to suspect there's
|
||||
anything up. That's the whole point. The other side to
|
||||
this would be encrypting your normal data, but that's
|
||||
I'm going to do separate screencasts about that. The whole
|
||||
point is just to keep it away from the search at customs.
|
||||
So that's it for this episode and if you have a need
|
||||
for that, then I hope it's helped you and if you do so
|
||||
and get caught, ain't nothing to do with me. As usual,
|
||||
it's the whole lyrics thing. Use it your own risk.
|
||||
So thanks for listening. I'm Gordon Sinclair. I'm on the
|
||||
IRC as Thistleweb. You can contact me if you like.
|
||||
That's Gordon at Thistleweb.co.uk.
|
||||
I'm going to tell the next episode. Goodbye.
|
||||
.
|
||||
Reference in New Issue
Block a user