How to Keep the NSA at Bay: The Tricks From Privacy Experts
by Winston Ross Jun 8, 2013 4:45 AM EDT
Do government surveillance disclosures have you fearing Uncle Sam’s reach? Winston Ross looks at PGPs, secret phone apps, and burners like The Wire to cloak your digital trail.
It’s a fairly safe bet that most people are in one of four camps about all this National Security Agency-spying-on-Americans business: uninformed, apathetic, pissed off, or paranoid.
Before you know it, Barack Obama will personally be digging through your garbage or hiding in your closet. (Nati Harnik/AP)
For the uninformed, it’s probably a good time to get up to speed. Before you know it, Barack Obama will personally be hiding in your closet.
For the apathetic, Dude, WAKE UP: You think because you live in the suburbs and you work at an insurance company that Big Brother will never come for you? What about that affair with your office secretary last year? What if her brother gets caught up in some kind of sting operation and they check his phone records and then her phone records and then police show up at your door asking why you called her 50 times last week, while your wife is sitting in the living room? What if they transpose a digit or two and mix you up with a suspected terrorist and break down your door in the middle of the night and shoot your dog? OK never mind, just flip back to The Bachelor.
For those of you either pissed off or paranoid, it’s time you understand that there are plenty of ways to cloak yourself from Uncle Sam, especially if they’re not already parked in a white van outside your apartment building (if that’s the case, say even the most clever privacy advocates, you’re probably fucked).
But wait, you hardly ever use the Internet? Your digital trail is pretty small? Skip on over to MyShadow if you believe that nonsense. There, you can find out exactly what kind of a shadow your computer and mobile-phone usage casts. It’s pretty scary and fascinating.
For those of you still understandably freaked out: If you just want to avoid getting caught up in the dragnet, having your phone/email/search history handed over by some spineless attorney at Verizon or Google or Facebook, there are ways to hide from Uncle Sam:
Encrypt yourself. If you’re using Facebook and Gmail in the same Pollyannish fashion that most of us do, you gotta wrap that up. Get to know “E2E” (end to end) encryption, says Dan Auerbach, staff technologist at the Electronic Frontier Foundation. It doesn’t mean you have to find some obscure email provider and kiss your (online) social networks goodbye, but it does mean if you want to have super-secret communication with certain super-secret people, you both must install software such as OTR to be all stealthy about it. Which software depends on which operating system and device you’re hoping to cloak, of course, but all that info is a few clicks away. “It’s very easy to use,” Auerbach tells The Daily Beast.
PGP it. A slightly beefier encryption option: PGP, short for “pretty good privacy.” That refers to software that can encrypt chat communications, emails, and more. Symantec offers one kind of PGP software, but there are many more options out there. Just remember that both sneaky users have to be using it, or it’s pointless.
The goal of all these tactics is to make it hard for the government to get you.
Make secret phone calls. Phone calls are a little tougher, Auerbach says. There once was a cool app called RedPhone that could encrypt phone calls, but it’s no longer being maintained. Nowadays, the best bet is probably Silent Circle, which last October released a “surveillance-proof” smartphone app that lets people make secure phone calls and text messages. The company has released a data-transfer version of the app that lets users send files—photos, spreadsheets, blueprints—from one user to the next. The user can set a nifty timer that “burns” whatever’s sent from both devices after five minutes, or however long you want it to be, Bond-style.
Go even deeper. If you’re already under the microscope, doing whatever you’re trying to secretly do without detection is going to be pretty difficult. Most of what everyone’s in a tizzy about at the moment is the kind of broad, dragnet-style spying where the government gobbles up huge data banks and mines through them for links and clues. But if you’re foolish enough to press on with your evil plans anyway, three words: anonymize, anonymize, anonymize.
Tor is a good place to start. It’s a free software that routes your communication through a series of intermediaries, explains Smari McCarthy, executive director of the International Modern Media Institute. It cloaks virtually everything you do on the Web: watching porn, buying drugs on Silk Road, stalking your ex’s Facebook page, watching porn, watching porn in one window while stalking your ex’s Facebook page in another, and so on.
Get a burner. If you don’t know what a burner is, go watch all five seasons of The Wire and then come back and finish reading this. (It’s great television.) If the NSA really wants to find out what you’re doing, they can make like a hacker and just break right into the software of whatever device you’re on using what’s known as a “zero-day exploit.” The only surefire way to prevent that is to be constantly changing up your devices.
The safest way to use a burner is not for very long, but buying a new cellphone, laptop, or tablet once a week can get expensive. If you want to hang on to the same one, advises Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., just be sure to take it to a crowded place every time you use it and don’t bring any of your other devices with you. If the government matches up your burner use with a ping from a cellphone tower to your regular phone, you’re screwed.
More on that, from Weaver, here.
Cover your tracks.
If you stay logged into Facebook (like most of us do,) then every single time you visit a Web page with a “like” button on it, that Web page is tattling back to Facebook that you just went there, Weaver says, which means when the government can just subpoena Facebook records to figure out where you’ve been. Logging in and out all the time is a nuisance, of course. But so is having a SWAT team rip up your apartment. So at least set up your Web browsers to clear cookies all the time. That’s a start.
Check out Tails. It’s a little piece of software that can live on a thumb drive or DVD, and it can boot your whole operating system from any computer, anytime. So you can set it up with all the encryption software you want and it’s all pre-loaded.
OK, am I cool now? Probably not. If the government wants to get you, they’ll get you. The goal of all these tactics is to make it hard for the government to get you, hard enough that if they really want to muck around with your life, they’re going to have to invest in enough resources to sneak past the firewalls.
“What you can do is try to make it more expensive for somebody such as the NSA to monitor you successfully,” McCarthy told The Daily Beast. “If you keep raising the price, they’re either going to have to commit to targeting you as an individual or accept that they’re just not going to get your stuff.”
(F)AIR USE NOTICE: All original content and/or articles and graphics in this message are copyrighted, unless specifically noted otherwise. All rights to these copyrighted items are reserved. Articles and graphics have been placed within for educational and discussion purposes only, in compliance with "Fair Use" criteria established in Section 107 of the Copyright Act of 1976. The principle of "Fair Use" was established as law by Section 107 of The Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain permission or pay royalties for the use of previously copyrighted materials if the purposes of display include "criticism, comment, news reporting, teaching, scholarship, and research." Section 107 establishes four criteria for determining whether the use of a work in any particular case qualifies as a "fair use". A work used does not necessarily have to satisfy all four criteria to qualify as an instance of "fair use". Rather, "fair use" is determined by the overall extent to which the cited work does or does not substantially satisfy the criteria in their totality. If you wish to use copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.