At one level, you're toast, right? You need a burner phone you bought with cash, without using ID, and to activate it without linking it to your person. You need to never have it with you at your commons places to be (house, work, coffeeshop on the corner, etc.) - and once you start talking using apps on a smartphone, you've multiplied the complications here 1000x. If you care that much, you probably should just give up on cell phones.

But, there are a tons of ways to make your usage of cell phones safer and more secure. The Guardian Project is a great place to start - https://guardianproject.info/apps/ - you can get their apps from the Play store, from the F-Droid OSS repo, or as APKs directly. It brings Tor to your Android, OTR chatting, end-to-end encrypted VOIP calls, and even PGP email.

iOS is a bit further behind with all of this, for various reasons.

There was a great guide on this last year, but the site seems to have gone offline. Some intrepid data-rescuers have put the content up on github:

https://github.com/opensafermobile/materials

Ask Nicholas Merrill about that: http://en.wikipedia.org/wiki/Nicholas_Merrill . If he can do it, so can Verizon.

As mentioned, OTR is good for secure chat; and Jitsi (other other VOIP tools that implement OSTN, https://guardianproject.info/wiki/OSTN) can provide end-to-end encrypted voice and video as well as chat. Kinda like skype, but secure.

It's best to not piss off His Holiness, Jean-Malreaux I

If you get that reference, you're very, very geeky.

One great trick, I probably saw it on lifehacker or similar, is to phrase your decisions in terms of priorities - i.e., when choosing to do activity X (TV, long lunch, etc.) instead of Y (gym, run, etc.), consider that you're saying, "no, X is a higher priority for me than Y right now." It's cheesy, but it help keep you focused.

Yes - bringing a home-made lunch saves a ton of money, and is much easier to portion-control with. Don't eat snacks at work (supply yourself with healthy alternatives if need be).

Instead of an hour lunch break, take an hour gym break to a nearby gym, or work with your supervisor for a flex hour instead of a lunch break, show up an hour later (and use that to go to a gym on your way in). You'll be *amazed* at the increase in your afternoon productivity by going to a gym in the middle of the day, instead of stuffing yourself at the nearest lunch spot.

Walk/Run/Bike to or from work - only works if you have access to a shower facility or public transit for one-way commutes at work

Join a gym, *hire a trainer*, set a schedule. I went to the gym 3x/week for 2 years, slowly lost 5 pounds. Added a trainer, lost another 5 pounds ... in 3 months.

It sounds like the company cares about health, which is a great start - getting access to shower facilities at work really opens up a lot of possibilities, so investigate some options there.

b) Exit nodes don't matter for blocking purposes. Bridge nodes are discoverable, but Tor has made them difficult to discover the complete set, https://bridges.torproject.org/ (or, since that'll be blocked in most useful places, emailing bridges@torproject.org with the "get bridges" in the body) only gives out a few at a time with a captcha requirement, and only sends to https-enabled webmail hosts.

Tor also has an unknown number of private bridges people run and disseminate through their own channels to friends and family and so on. This, plus obfsproxy and related tricks like the flashproxy work from Stanford, make it really really difficult to discover and block enough bridges into the network.

...and Tor provides much higher privacy for the user, with related tools like leave-no-trace bootable-thumbdrives (TAILS) , and is much, much harder to block than a VPN (Iran just this week decided to restrict all VPN traffic).

Also, basing this off of Windows means that rapidly throwing up new servers is a bit more cost-prohibitive and licensing-restricted than flipping on an Amazon EC2 tor image (not using your free ec2 slot? go here: https://cloud.torproject.org/ ) , or hosting a tor server on a cheap VPS.

I value the guy's intentions, but question his supervisors approval of his field assessment sections.

My previous place had an unofficial no-meetings-on-friday policy, which meant most people worked - productively - from home on Fridays. Tons of flexibility, and it meant we, as a team, kept ahead of the game because everyone used friday to knock out not only the collection of "oh, if only I had time" pieces that collect over the week, but also those "I need 3 hours, uninterrupted, to really dig into this" big-think pieces. No one overly abused it, and the not-infrequent fade out ~4p still meant the week's overall work was more productive than if everyone worked that last, useless hour on Friday.

That being said, we were a globally distributed group, and had already adapted well to well-calendared and well-prepared-for remote interactions over chat, conference calls and video calls.

Yes, you lose out on the hallway-chats, so it becomes important to have some central hub of people, and to make sure that no one sub-team was completely disconnected from the pulse of the office, but it can be done, and done well.

Clearly, the thing lacking here is for both vim-in-emacs and emacs-in-vim to be so feature complete that you can nest them until you exhaust available memory. I propose that we codename the project to create this "straightline" , as it shall generate infinite jokes on /.

To add on to this, P2PU is working with Mozilla's Open Badge system for providing a badge-based verification process; can this model gain traction in academia? (http://info.p2pu.org/tag/badges/)

The Canon line (DSLR and P&S) has the added bonus of hacking-friendly-ish firmware, and MagicLantern / CHDK tools.

Has anyone seen any details on how to detect this specific method of attack, malware signatures, or similar? Cause that just might be of use, seeing the widespread nature of this.

Also, who hasn't been attacked? Bueller? Bueller?

You laugh, but in Peace Corps I actually had a fridge whose thermostat controls were dead, so it operated at either full-blast (freezing everthing) or unplugged. I abused an x10 plug and a timing script run off a computer to cycle it on and off over the course of the day to regulate it. Never died!

I think the most nefarious thing would be to turn off automatic coffee-makers ~ 15 seconds after they'd started, so the grounds are soaked and warm (i.e. ruined*), and there's no coffee.

* For anyone who considers having a automated coffee pot with grounds in it overnight not /already/ a ruined coffee experience, that is.

The Guardian Project develops and maintains a list of great security and privacy tools (Tor for android, secure chat, encrypted VOIP, PGP support for email... ). They're generally cross-posted on f-droid, and you can find play, f-droid and source links here: https://guardianproject.info/apps/

Perhaps this is what you're looking for? http://informationwithoutborders.org/ is a reference implementation of a distributed, often-offline filesystem that is kinda a store-and-foward, very slow bittorrent setup. There's also FidoNet (http://www.fidonet.org/genlinfo.html) and FidoIP (http://sourceforge.net/projects/fidoip/) which are a bit more node-to-node file transfer/storage oriented.