Privacy Update: How to protect yourself from the NSA, PRISM, GCSB, SIS, GCHQ, and other acronyms

Privacy1A year has ticked past well and truly and the revelations from Edward Snowden continue to come out showing us what we all knew, we’re being spied on substantively, even if our government refuse to admit it. In New Zealand we have an election with at least one party promising to get New Zealand out of the Five Eyes, a hopelessly unrealistic policy that will never come about, but shows that it is a current issue.

I often hear the “if you have nothing to hide you have nothing to fear” and remind people that came from a well-known Nazi as part of a speech in the dark days of the Holocaust. If we have nothing to fear then we wouldn’t mind the state installing a camera in our lounge so they can protect us, right? Well, they kind of are. They have put collection points almost everywhere these days from your smartphone, to your internet provider, to your device itself, to cables, other communication channels, and even your financial transactions.

The Internet Party’s answer to this is to bring out a policy that would see us withdraw from the Five Eyes arrangement. First, even if we did, it wouldn’t stop the spying, and second, Dr Paul Buchanan, a man with a lifetime experience in signals has said that if we did withdraw “it would make the nuclear ban look like kindergarten.” In other words, we are in it, whether we like it or not, and the cost of getting out of it would be extremely high.

For those of us who value our privacy, there is a war raging for privacy that has seen the rise of a number of products in the past year that allow you to interact online while operating in a way that is (for the most part) out of the eyes of the spies. We have an individual choice on whether or not we want to protect our privacy or not. This blog is for those who do want to protect it.

Yes, there is a counterargument that spies can infiltrate at a hardware level and that given enough resource they can potentially de-crypt your data, however it is difficult, costly, time consuming, and as more and more people move to use privacy tools the volume of data that is required to be processed increases massively.

Now for the geek talk.

What are the most secure Operating Systems available?

You can argue this one depending on your various persuasions however the generally accepted most secure OS right now is something called Tails:

“Tails, an open-source operating system designed to leave as little trace as possible,launching version 1.0 today after more than five years of open development. It’s an amnesiac system, which means it’s completely fresh every time you boot up. There are no save files, no new programs, and most importantly, it becomes a blank slate the moment you shut down. It’s the digital equivalent of buying a new computer for a single session and tossing it into the river once you’re done.” – Source

It works by you downloading a signed ISO that is then burned onto either a DVD or USB stick. It boots up on your machine and forces you to use TOR. Everything else is simply blocked. None of the activity is recorded anywhere, so when you are done, you simply shutdown and it’s burned. You can then restart your PC in normal mode once your done being anonymous. This is something for the more advanced user to setup as it will require system changes including BIOS configuration (and if you don’t know what that is then you probably shouldn’t try this method.)

Outside of tails, Ubuntu is considered the most secure OS and there are a range of tools out there that will allow you to create bootable OS’s similar to Tails.

What about my phone calls?

Blackphone is considered the best package and you can buy it online here. The smartphone is going to do much more than keep your calls, texts, internet connection, and communications secure, but that’s exactly what it is designed to do.

Not to fear regular smart phone users, you can subscribe to Silent Phone from Silent Circle, which encrypts your voice chat with another user with the same service. These are the same tools that Blackphone makes available, and you can buy a safe contact list and text service. It’s based on number of minutes you use and starts at $12.95 USD per month.

Ok, how about my Internet Connection itself at home or from my phone?

You’ll need a secure VPN, or Virtual Private Network service. You can get these for free, but you get what you pay for. I’d look at Astrill as a starter. It’s a good service that you can use a little or a lot of. Astrill creates a secure link between your device and the service. After that you can get quite tricky.

The basic service will stop your Internet Service Provider from seeing what you do. It’s that simple. An encrypted connection is made to the service which then tunnels it through their own systems (even they can’t see what you are doing) and you can pop it out anywhere in the world. You can layer additional services to include a firewall, different devices, you can register your home router so that any device using it is secure, upgrade the encryption to higher levels, buy private IP addresses, and lastly, a Stealth mode.

Stealth is a unique protocol that can’t be detected as VPN. Because countries like China (and others closer to home) can detect that you are using a VPN and while they can’t see what you are doing, they can just block you outright. Stealth mode defeats that.

OK, what about stuff I store in the Cloud?

Most Cloud companies now claim a degree of encryption on their services but given the NSA revelations you could be forgiven for taking those kind of statements with a grain of salt. Most of those companies will keep a copy of your encryption key, and you don’t want that.

Start by encrypting the data on your device. Most operating systems come with some kind of service, but there are others out there that you can use.

Consider using distributed, encrypted Cloud services. For the geeks amongst you that means something like BitTorrent Sync and for those of you that are looking for something easier and friendlier then try Space Monkey.

What these services do is encrypt the data on your local device, then split it into lots of small pieces that it stores on other people’s devices. BitTorrent Sync uses your local hard drive where as Space Monkey is a physical device that you put on your home or work network. This makes it almost impossible to put your files back together and then decrypt them. Files are smashed to pieces and stored decentralised all over the world. These services will always be stronger than a Cloud provider.

Just secure browsing?

Download ToR. This is a secure browsing system though you should use it in conjunction with other services we have talked about.

OK, I’m in the tinfoil hat paranoid category, what else can I do?

Get off every social media website you are on and disable all the location services on your phone. Get out of the Cloud. Get off all the major providers like Google and Microsoft who will happily track everything you do and everywhere you go. Install Ghostery and block everything. Never use free wi-fi. Never use an Internet cafe. Create an online persona that is not you. Move to a cave. Wear a tinfoil hat.

Happy Privacy.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: