Free Republic

How to remain secure against NSA surveillance
The Guardian ^ | 9/5/13 | Bruce Schneier

Posted on 09/06/2013 4:15:48 AM PDT by shego

Now that we have enough details about how the NSA eavesdrops on the internet, including today's disclosures of the NSA's deliberate weakening of cryptographic systems, we can finally start to figure out how to protect ourselves....

At this point, I feel I can provide some advice for keeping secure against such an adversary....

1) Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it's work for them....

2) Encrypt your communications. Use TLS. Use IPsec. Again, while it's true that the NSA targets encrypted connections--and it may have explicit exploits against these protocols--you're much better protected than if you communicate in the clear.

3) Assume that while your computer can be compromised, it would take work and risk on the part of the NSA--so it probably isn't. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the internet....

4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well....

5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it's harder for the NSA to backdoor TLS than BitLocker, because any vendor's TLS has to be compatible with every other vendor's TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it's far less likely those changes will be discovered....

Since I started working with Snowden's documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit....

(Excerpt) Read more at theguardian.com ...


TOPICS: Crime/Corruption; Government; News/Current Events; Technical
KEYWORDS: bigbrother; computersecurity; encryption; nsa; security; surveillance

1 posted on 09/06/2013 4:15:48 AM PDT by shego
[ Post Reply | Private Reply | View Replies]

To: shego; MestaMachine

Pingo


2 posted on 09/06/2013 4:24:59 AM PDT by Hardraade (http://junipersec.wordpress.com (Obama: the bearded lady of the Muslim Brotherhood))
[ Post Reply | Private Reply | To 1 | View Replies]

To: shego

I like GPG - open source less likely to have a backdoor and extremely unlikely to be susceptible to brute force breaking. If 5% of all emails were encrypted with this, then there would not be enough NSA analysts to examine the metadata reports on the activity.


3 posted on 09/06/2013 4:32:12 AM PDT by from occupied ga (Your government is your most dangerous enemy)
[ Post Reply | Private Reply | To 1 | View Replies]

To: shego

Have a prearranged set of common sounding code words.

If you do not use terms that are being looked for they won’t look at you.


4 posted on 09/06/2013 4:33:31 AM PDT by Fai Mao (Genius at Large)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Fai Mao

Yes. Phrases like “the chair” or “the wall”. You could tell people “The chair is against the wall” and the NSA wouldn’t suspect a thing!


5 posted on 09/06/2013 4:36:01 AM PDT by ClearCase_guy (21st century. I'm not a fan.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: ClearCase_guy

John has a long mustache.


6 posted on 09/06/2013 4:52:34 AM PDT by Monitor ("The urge to save humanity is almost always a false-front for the urge to rule it." - H. L. Mencken)
[ Post Reply | Private Reply | To 5 | View Replies]

To: shego

Or, lead a normal life and don’t fret about a breach of your privacy that is not going to happen.

NSA doesn’t give a damn about you and me.


7 posted on 09/06/2013 4:56:43 AM PDT by bert ((K.E. N.P. N.C. +12 ..... Travon... Felony assault and battery hate crime)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Monitor

The rooster shopped at Target.


8 posted on 09/06/2013 5:01:20 AM PDT by BullDog108 (A Smith & Wesson beats four aces!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: bert

NSA might not, but law enforcement and every alphabet bureaucrat are just busting to get access to all that data. And if you have nothing to hide because you think you haven’t done anything wrong, you’re not paying attention.


9 posted on 09/06/2013 5:01:41 AM PDT by Orangedog (An optimist is someone who tells you to 'cheer up' when things are going his way)
[ Post Reply | Private Reply | To 7 | View Replies]

To: bert
But, but, but I saw this so I'm worried. You must have missed it.


10 posted on 09/06/2013 5:04:27 AM PDT by InterceptPoint
[ Post Reply | Private Reply | To 7 | View Replies]

To: BullDog108

The hawk is flying low.


11 posted on 09/06/2013 5:06:20 AM PDT by x1stcav ("The past is a foreign country: they do things differently there.")
[ Post Reply | Private Reply | To 8 | View Replies]

To: ClearCase_guy

I have to remember this the next time I launch a full scale invasion of Normandy.


12 posted on 09/06/2013 5:07:02 AM PDT by exit82 ("The Taliban is on the inside of the building" E. Nordstrom 10-10-12)
[ Post Reply | Private Reply | To 5 | View Replies]

To: shego

Irony. The UK Guardian, a Leftist pub, posting articles against the Obama.


13 posted on 09/06/2013 5:07:44 AM PDT by Old Sarge (Opinions are like orgasms: only mine count, and I couldn't care less if you have one...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: shego

Even the left is turning against Obama.


14 posted on 09/06/2013 5:13:17 AM PDT by Biggirl (“Go, do not be afraid, and serve”-Pope Francis)
[ Post Reply | Private Reply | To 1 | View Replies]

To: x1stcav

The hawk is flying high.


15 posted on 09/06/2013 5:14:44 AM PDT by Red in Blue PA (When Injustice becomes Law, Resistance Becomes Duty.-Thomas Jefferson)
[ Post Reply | Private Reply | To 11 | View Replies]

To: shego

Actually I was thinking less about hiding anything. WE have the right to free speech ....take a page from their own playbook ...and overwhelm the system.


16 posted on 09/06/2013 5:16:06 AM PDT by EBH (America is not judge, jury, and executioner for the world.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All

When you KNOW they are listening DISINFORMATION is useful too. Falcon to snowman...come in snowman.


17 posted on 09/06/2013 5:16:08 AM PDT by 762X51
[ Post Reply | Private Reply | To 13 | View Replies]

To: bert

The NSA has probably targeted everyone who posts at Free Republic...enemy number one. Don’t forget who is behind the White House: the Muslim sisterhood.


18 posted on 09/06/2013 5:18:34 AM PDT by huldah1776
[ Post Reply | Private Reply | To 7 | View Replies]

To: Red in Blue PA

The goose is on the run.


19 posted on 09/06/2013 5:20:37 AM PDT by x1stcav ("The past is a foreign country: they do things differently there.")
[ Post Reply | Private Reply | To 15 | View Replies]

To: BullDog108

Si is a funny man.


20 posted on 09/06/2013 5:21:55 AM PDT by LibLieSlayer (FROM MY COLD, DEAD HANDS!)
[ Post Reply | Private Reply | To 8 | View Replies]

To: shego

How ‘bout just have nothing to do with Facebook. I mean, just a few years ago wasn’t it possible to have a life without social media & tweets & whatnot?

Of course, FReepers are already on some gubmint s***list. We know that, don’t we?


21 posted on 09/06/2013 5:27:16 AM PDT by elcid1970 ("The Second Amendment is more important than Islam.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: bert
Or, lead a normal life and don’t fret about a breach of your privacy that is not going to happen.

So, what happens when the government decides that your normal life is no longer normal?

22 posted on 09/06/2013 5:30:30 AM PDT by justlurking (tagline removed, as demanded by Admin Moderator)
[ Post Reply | Private Reply | To 7 | View Replies]

To: shego

ping for reference


23 posted on 09/06/2013 5:32:10 AM PDT by Springfield Reformer (Winston Churchill: No Peace Till Victory!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bert

You don’t feel the collar because the leash isn’t being pulled at the moment, so everything is alright?


24 posted on 09/06/2013 5:35:35 AM PDT by Jack of all Trades (Hold your face to the light, even though for the moment you do not see.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: shego
The article describes how to be more secure. The only way to be secure is to destroy your cell phone and not use any form of electronic communication. In which case you're basically isolated, so they win anyway. Catch 22.
25 posted on 09/06/2013 5:40:32 AM PDT by Jack of all Trades (Hold your face to the light, even though for the moment you do not see.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bert; shego
Bert,

The Baghdad Bob of FreeRepublic:


26 posted on 09/06/2013 5:42:13 AM PDT by SoConPubbie (Mitt and Obama: They're the same poison, just a different potency)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Hardraade

East Wind, Rain


27 posted on 09/06/2013 5:57:36 AM PDT by Captain7seas (Fire Jane Lubchenco and John Pistole.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: shego

I’m trying to figure out how the NSA can spy on hand-written ciphered/coded notes or coded ham radio comms.

When technology gets too complicated to get the upper hand, baffle it with ancient methods.


28 posted on 09/06/2013 5:58:42 AM PDT by EricT. (Freedom is slavery. Ignorance is strength. Big brother is watching you.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: shego

If you’re not coding your PC and software from the ground up (think BIOS, chipset, etc) anything you do is just an annoyance, and doesn’t protect your communications. If you’re communicating digitally, assume it is compromised, or could be with minimal effort.


29 posted on 09/06/2013 6:23:41 AM PDT by TexasGunLover ("Either you're with us or you're with the terrorists."-- President George W. Bush)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Captain7seas

Wind from the East, fish bite the least.

The Sheep are grazing in the grassy meadow.

Over


30 posted on 09/06/2013 6:44:04 AM PDT by VRWCarea51
[ Post Reply | Private Reply | To 27 | View Replies]

To: 762X51

Aunt Mary has the flu.


31 posted on 09/06/2013 6:57:16 AM PDT by SUSSA
[ Post Reply | Private Reply | To 17 | View Replies]

To: SUSSA

The Sparrow took the bus. No direct flight.


32 posted on 09/06/2013 7:37:52 AM PDT by A_Tradition_Continues (formerly known as Politicalwit ...05/28/98 Class of '98)
[ Post Reply | Private Reply | To 31 | View Replies]

To: A_Tradition_Continues

Jerry got a new puppy. Billy’s birthday party is next week.


33 posted on 09/06/2013 7:44:54 AM PDT by SUSSA
[ Post Reply | Private Reply | To 32 | View Replies]

To: from occupied ga
GPG (and PGP in general) doesn't help with protecting metadata in email. The email header (which includes to, from, date, and subject line information) is still sent unencrypted, so it does not make it impossible for NSA analysts to look at metadata reports on activity or build a network of contacts!
34 posted on 09/06/2013 7:46:01 AM PDT by BigBankTheory
[ Post Reply | Private Reply | To 3 | View Replies]
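
The point made in post 34, as an added example that is not part of the thread and is not GnuPG code: the sketch below parses mail whose body is already encrypted and shows that the headers alone still yield sender, recipients, date, subject and a contact graph. The addresses, subjects and the ciphertext placeholder are constructed sample data, and the function names are hypothetical.

```python
from collections import Counter
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr

# Stand-in for GPG output: constructed placeholder, not real ciphertext.
ARMORED = ("-----BEGIN PGP MESSAGE-----\n\n"
           "(ciphertext placeholder)\n"
           "-----END PGP MESSAGE-----\n")

def make_message(sender, recipients, subject, date):
    """Serialize a mail whose body has already been encrypted."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = ", ".join(recipients)
    msg["Subject"] = subject
    msg["Date"] = date
    msg.set_content(ARMORED)
    return msg.as_bytes()

def visible_metadata(raw):
    """Return what anyone on the path can read without the private key."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {
        "from": parseaddr(str(msg["From"]))[1],
        "to": sorted(a for _, a in getaddresses([str(msg["To"])])),
        "date": str(msg["Date"]),
        "subject": str(msg["Subject"]),
        "body_is_ciphertext": msg.get_content().lstrip().startswith(
            "-----BEGIN PGP MESSAGE-----"),
    }

def contact_graph(raw_messages):
    """Count sender -> recipient pairs from headers alone."""
    edges = Counter()
    for raw in raw_messages:
        meta = visible_metadata(raw)
        for rcpt in meta["to"]:
            edges[(meta["from"], rcpt)] += 1
    return edges

# Constructed sample traffic (example.org addresses, invented subjects).
SAMPLE = [
    make_message("alice@example.org", ["bob@example.org"], "lunch", "Fri, 06 Sep 2013 07:46:01 -0700"),
    make_message("alice@example.org", ["bob@example.org", "carol@example.org"], "draft", "Fri, 06 Sep 2013 08:07:06 -0700"),
    make_message("bob@example.org", ["alice@example.org"], "re: lunch", "Fri, 06 Sep 2013 08:19:34 -0700"),
]

if __name__ == "__main__":
    for (src, dst), n in sorted(contact_graph(SAMPLE).items()):
        print(f"{src} -> {dst}: {n} message(s)")
```
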

To: shego
This bit is important as well:

Since I started working with Snowden's documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit, and a few other things I'm not going to write about. There's an undocumented encryption feature in my Password Safe program from the command line); I've been using that as well.

I understand that most of this is impossible for the typical internet user. Even I don't use all these tools for most everything I am working on. And I'm still primarily on Windows, unfortunately. Linux would be safer.

The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They're limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.

Trust the math. Encryption is your friend. Use it well, and do your best to ensure that nothing can compromise it. That's how you can remain secure even in the face of the NSA.


I think it's largely the government's fault that solid crypto isn't already deployed routinely in the majority of your internet activity.  

35 posted on 09/06/2013 8:06:15 AM PDT by zeugma (Is it evil of me to teach my bird to say "here kitty, kitty"?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BigBankTheory
GPG (and PGP in general) doesn't help with protecting metadata in email

true, but I was only thinking of protecting the content. You can go to onion routing if that helps, but it's still traceable.

36 posted on 09/06/2013 8:07:06 AM PDT by from occupied ga (Your government is your most dangerous enemy)
[ Post Reply | Private Reply | To 34 | View Replies]

To: SUSSA
Aunt Mary has the flu.

Proceed with Operation Night Stalker. Repeat, Operation Night Stalker. Monitor this channel for further instructions.
37 posted on 09/06/2013 8:16:16 AM PDT by 762X51
[ Post Reply | Private Reply | To 31 | View Replies]

To: BigBankTheory
GPG (and PGP in general) doesn't help with protecting metadata in email. The email header (which includes to, from, date, and subject line information) is still sent unencrypted, so it does not make it impossible for NSA analysts to look at metadata reports on activity or build a network of contacts!

Combine GPG with Anonymous Remailers, and you're much better off.

38 posted on 09/06/2013 8:19:34 AM PDT by zeugma (Is it evil of me to teach my bird to say "here kitty, kitty"?)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Jack of all Trades

It takes money to become invisible. The more that you are willing to spend the smaller footprint you will leave for them to track.


39 posted on 09/06/2013 8:30:25 AM PDT by B4Ranch (AGENDA: Grinding America Down ----- http://vimeo.com/63749370)
[ Post Reply | Private Reply | To 25 | View Replies]

To: zeugma

Someone needs to come up with Anonymous Remailers with distributed nyms through alt.messages.anonymous scraping built in. This would be my project if I had time.


40 posted on 09/06/2013 1:26:29 PM PDT by BigBankTheory
[ Post Reply | Private Reply | To 38 | View Replies]

To: ClearCase_guy

These pretzels are making me thirsty.


41 posted on 09/06/2013 2:36:00 PM PDT by pluvmantelo (No blood for Obama's Intemperate Linedrawing)
[ Post Reply | Private Reply | To 5 | View Replies]

To: zeugma
I think it's largely the government's fault that solid crypto isn't already deployed routinely in the majority of your internet activity.

Clearly so -- if not for government interference the system would have had crypto with digital signing (making unauthorized intrusion effectively impossible) long ago.

The NSA has caused one of the basic infrastructures of Western civilization to be hobbled with Swiss cheese security. It's as if (for example) all air bases were required to turn off their radar warning systems at prescheduled times so that the REMFs in Washington would be able to send surprise inspectors and make sure the COs were performing as ordered.

42 posted on 09/07/2013 2:19:38 PM PDT by shego
[ Post Reply | Private Reply | To 35 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
