Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don’t add you to the list...
Posted on 07/18/2013 10:01:16 AM PDT by null and void
You have the right to be secure in your electronic communications. Here's a few tips on how to do it.
Thursday afternoon, a bombshell dropped: Two leading reports claimed that the U.S. government has been spying on emails, searches, Skype calls, and other electronic communications used by Americans for the last several years, via a program known as PRISM.
According to the reports, the Web's largest names--AOL, Apple, Facebook,A Google, Microsoft, Skype, PalTalk, Yahoo, and YouTube--participated, perhaps unwittingly. (Dropbox will reportedly be added as well.) The report claims that the National Security Agency had "direct access" to servers owned by those companies. Most, if not all, of those companies have denied participating in PRISM, although it's unclear whether they were unaware of the NSA's spying, or simply turned a blind eye.
According to The Guardian and The Washington Post, the data covered included: "email, video and voice chat, videos, photos, voice-over-IP chats, file transfers, social networking details, and more."
If nothing else, however, the PRISM disclosure is worrying and deeply shocking. If the report is accurate, the government may simply listen in on virtually any electronic communication you've made, in the interests of national security. Is this something that should be encouraged to fight domestic terrorism, or is this sort of government intrusion something that should be deeply distrusted? For the purposes of this story, we're going to err on the side of the latter; whether you take advantage of our advice is up to you.
Note that there is absolutely no guarantee that our tips will make your PC PRISM proof. One of the generally held beliefs in the security world is that, with enough resources on the part of the attacker, any secrets that are known about can eventually be unearthed. But let's say that you support an "Arab Spring" movement in a country whose interests parallel those of the U.S. government. It's this sort of political uncertainty that encrypting personal communications is designed to liberate.
So what can you do? Here are some tips.
Avoid using popular Web services
This is an easy one. If you're concerned about the government watching your moves online, simply avoid making Microsoft Bing and Google your search engines of choice; try DuckDuckGo instead. The site promises not to track or store your searches, which should provide some degree of confidence that you're not being tracked online. Both reports fromA theA Post and theA Guardian indicate that the PRISM program is expanding, although for now DuckDuckGo seems to be safe.
Naturally, this also means ditching a Gmail or Hotmail account, and deleting your accounts from those sites. Instead, it's time to think about laying low and skipping around services that you might have forgotten about: Mapquest for maps, for example. You may as well stop social networking altogether, unless it happens to be direct, person-to-person communications. And there's no sense in surfing using Chrome, Internet Explorer, or Safari, either. Sure, there's Firefox and Opera, but the PCWorld's review of the Tor browser shows it to be a slow but anonymous way of browsing the Internet.
Ditch your smartphone
If we assume that Apple, Google and Microsoft are being monitored, then the safest way to avoid being tracked is to ditch your smartphone. A number of services already ask for your location, in the name of providing better search results or services. And BlackBerry, of course, is no better; that company has already acceded to requests to allow foreign governments access to its data, so the paranoiacs should ditch them, too. Feature phones may be no better, but the amount of information that can be captured is much smaller.
Encryption, encryption, encryption
Eventually, however, you're going to have to start communicating with someone, probably electronically. If you'd like to think those conversations are private, it's time to start thinking about encryption.
To start out with, you'll want to encrypt your hard drive and existing files. Alex Castle's piece discusses using TrueCrypt and other tools to start securing your files. Note that some of the tools he recommends are from the providers that PRISM is reportedly monitoring; you'll have to decide if you want to go elsewhere for encryption protection.
From there, protect your email by encrypting it.A To secure your email effectively, you should encrypt three things, Eric Geier notes: the connection from your email provider; your actual email messages; and your stored, cached, or archived email messages. If you want toA take it even further, consider using a secure email service. Email will travel over the Internet, where it can be accessed by theoretically just about anyone. Companies like Silent Circle (founded by PGP creator Paul Zimmermann) profess to offer secure voice, email, voice communications via dedicated connections between subscribed devices.
Subscribe to a VPN
In the same vein, consider signing up a virtual private network, which creates an encrypted "tunnel" to another server, which then acts as an agent on your behalf. Eric Geier's piece on how to set up a VPN explains how to do this. Note that the performance of your PC may suffer somewhat, as the latency to funnel communications back and forth (some solutions use servers based in the EU, for example) may take some time. But security layered upon the encryption applied by other solutions may provide some additional reassurance that your communications are private.Watch those hotspots
Wandering from coffee shop to library to free cafe may provide another layer of security, as your client IP address will vary by location. Just make sure that when you're roaming from location to location, someone isn't trying to sniff your PC--or worse. Preston Gralla's story on protecting yourself at hotspots also contains advice tailor-made to protecting your privacy while on the go, including nailing down older apps that might allow an intruder inside your PC.
Obviously, block that malware
Let's face it: the first and most obvious thing you should do to secure your PC is to lock it down from malware. Our tests from January provide you the best antimalware solutions, empirically testedA to ensure that no Trojan or other worm sneaks inside your PC and provides its own spying eyes on your online activities. Your PC should be your castle, and antimalware is the first line of defense. Frankly, if you're concerned about the safety and well-being of your PC, you should have taken care of this long ago.
Tie it up together with a hard password knot
The last thing you'll want to do is make sure that all of your encrypted services are tied up neatly with a unique, easy-to-remember-but-impossible-to-crack passphrase. PCWorld has some tips to manage passwords, including what's coming down the pipe. But the best practice right now seems to be to find a good password manager like LastPass, and create your own unique password. Bruce Schneier's "Schneier scheme" recommends that you create a passphrase ("Man, those six flights of stairs to my New York apartment were killer.") and then abstract it, possibly with the first letters. ("M,tsfostmNYawk.") It's not perfect, but it's a lot better than random words and phrases that can be easily guessed.
Will these tips make your PC PRISM proof? No, not necessarily. But if you're concerned about the recent PRISM disclosures, they'll go a long way to help you sleep better at night--outside of smashing your PC to bits, distributing the pieces randomly among a dozen scrap heaps, and moving to the woods, that is.
Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don’t add you to the list...
We all just need to increase our electronic information flow 1000 times the current volume. See if we can clog the drain.
I read someplace that the encrypted emails were given special attention by the gov spies.
“but the PCWorld’s review of the Tor browser shows it to be a slow but anonymous way of browsing the Internet”
TOR was invented by the US Navy!
“As of 2012, 80% of the Tor Project’s $2M annual budget comes from the United States government.”
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
“No Conspiracy Theory Needed: Tor Created for U.S. Gov’t Spying” “The TorFAQ clearly states that exit nodes can eavesdrop. “Yes, the guy running the exit node can read the bytes that come in and out there. Tor anonymizes the origin of your traffic, and it makes sure to encrypt everything inside the Tor network, but it does not magically encrypt all traffic throughout the internet.”
http://www.networkworld.com/community/blog/no-conspiracy-theory-needed-tor-created-us-go
So think about that: The government was heavily involved in TOR, it seems to be a spy network within the internet which is itself a giant spy network. As if the people with the most to hide are deliberately manipulated to use TOR where their activities can be monitored. I don’t know if TOR deserves trust either.
To protect your PC, unplug it, drag it to back of the garage and cover it with it with an old blanket your dog used to sleep on. No one will want to go near it.
Also get inside the thing and clip a few of those wires hackers use. Your PC is now safe from intrusion.
I wonder if they’re able to identify individual freepers and store our posts and messages? I always assume they do. I was advised a long time ago (before PCs actually) to never say or write anything that I didn’t want shared with the entire world.
All things any hard-core terrorist has certainly known for a few years now.
My experience has been that this normally results in a lot of lost data.
Thanks!
If I was a spy that’s the first place I would look.
It currently takes two separate passwords for my laptop to even boot up. Then it takes a third to log in. My data is on an encrypted partition, so even if they took the drives out, they couldn't read it.
We are thier terrorists
We are thier terrorists
For browsing get the Tor Browser Bundle
Cons: Something of a learning curve. URLs are complex. For example the URL for The Silk Road marketplace is: http://silkroadvb5piz3r.onion/
Pros: untraceable, complete anonymity.
N.B. Never, ever log into a web service such as Yahoo email while using TOR as all your anonymity can go up in a puff of smoke.
If these are more than you want to bother with, start using Ixquick for your web searches and use the anonymous proxy links.
Regardless of the excellent job their PR firm has done with the MSM, do not ever use Duck Duck Go and think you have achieved anonymity.
In my case:
You've posted a total of 1,186 threads and 116,868 replies.
Every post potentially provides a clue. You talk about cities you've lived in, places you've visited, people you've met, cars you've driven, schools you've attended, letters you've written to your elected representatives, rallies you've attended, vacations you've taken, etc.
Every bit of information narrows down the number of people you could possibly be.
A determined investigator can fairly quickly know who you are.
We have very determined enemies.
I was advised a long time ago (before PCs actually) to never say or write anything that I didn’t want shared with the entire world.
Sage advice.
If I was a spy I would establish an internet encryption service. The operation would be self-funding after a point.
When I clicked on the Duck duck go link in the story I got this:
http://www.dnsrsearch.com/index.php?origURL=
When I google it I get this:
Is this a research site? On our side or not? Kinda strange ...
bfl
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.