I have nothing to hide from people I trust. I do NOT trust the government.
In my previous post on the Surveillance State, I described the measures that are being used by the government to monitor everything we do. Since that article, new information has come to light. It appears that PRISM involves capturing internet traffic and storing it for later analysis. This means that all communication that you send on the internet is potentially in the NSA archives. If your data is encrypted with at least 512-bit encryption, it is secure, for now, assuming you control ALL parts of the encryption, and in most cases, you do not.
In non-technical terms, this means that if you use a Secure website (e.g. https://) or have the “SSL” box checked for your email, all of this can be decrypted by the government. How? All they need to do is obtain the encryption certificate from the website owner (e.g. Google) or the means to recreate the certificate from a certificate provider (e.g. VeriSign). If they issue a “National Security Letter” to a provider and demand the keys, your data is now in the clear. There is nothing that can be done to fix this for anything already sent. There are new technologies slowly being rolled out (e.g. Perfect Forward Secrecy) that will be able to protect your data, but these are not in common use at the time of this writing.
So, can you protect yourself from all this snooping? The short answer is “no”. Given the pervasiveness of government monitoring, escaping government surveillance is a practical impossibility. Even going totally off the grid, living off the land and having no fixed abode isn’t enough. Simply doing so will attract attention from the government! It is further made difficult due to the fact that the national government owns significant portions of the land that would be best suited to this kind of life. But it’s not much of a life unless you are enthralled with a subsistence, hunter-gatherer lifestyle. I am not.
So what is one to do? The most that can be done is to reduce your visibility and footprint as much as possible. This means making decisions about how you conduct your life and how you make use of technology. In some cases, there is very little inconvenience involved and no loss of enjoyment in your life. In others, the inconvenience or loss of enjoyment will reach levels where some people will not want to give up their current lifestyle, or won’t be able to afford to. I’ll address some strategies and try to rate their effectiveness (E), cost (C) and difficulty (D). This is not a comprehensive list, but it will get you started. Ideas will be presented pretty much in order from lowest cost and difficulty to highest cost and difficulty.
Reverse disclaimer: This is something I actually do know about, do have demonstrated expertise and can help you with. Of course, such expertise annoys the government, so practically it’s not much different than if they wanted to accuse me of giving diet or financial advice. 🙂
Use only very, very strong passwords and passphrases (E: High, C: Low, D: Low)
Before you do anything else, make sure you know about strong passwords and passphrases and use them. Despite what you hear in the media, there are only two things that matter with regard to strong passwords: a) the alphabet and b) length. You must use the largest alphabet possible, that is, the widest possible range of characters (e.g. upper and lower case, numbers, special characters). Second, it must be at least 10 characters, preferably longer (the longer, the better). Totally random is best. It is imperative that you use a different password for every single site or system you access. Never, ever use the same password or passphrase for multiple systems. Never.
Why does this matter? See Steve Gibson’s excellent page on password haystacks for full details, but the short version is that your goal is to make the number of passwords that have to be tried by brute force so large that there is an extremely low probability of guessing your password. For example, an 8-character password that uses upper and lower case, a digit and two symbols would take, on average, 1 day to crack with a brute-force method that could guess 1 billion times a second (and yes, the NSA could do this). Simply making this password 10 characters changes the average time to crack from 1 day to 19 years. 12 characters would take 1000 CENTURIES. You’ll be dead before they get your data even if cracking improves by 3 orders of magnitude! 20 characters is probably overkill, since that would take TRILLIONS of centuries to brute force. So, unless a site forces you to use a password less than 12 characters, use that, or more (I use at least 16 unless a site requires less). A site that requires less than 10 character passwords should be contacted and asked to fix this!
When you combine length, randomness and diversity, you have the problem of remembering all of your passwords. What you can NOT do is use a standard phrase and add something about the site you are using. Anything like that simplifies the process if ONE password from one site gets out, and this seems to happen quite often. For example, let’s say you used the string D0g12345678910 and added the domain name (e.g. D0g12345678910amazon.com). While your password in theory has 40 centuries worth of protection, if it ever leaked, every site you use (e.g. D0g12345678910netflix.com) would be instantly available to the government or a hacker (and if you did the same with your home computer, you are toast).
The solution to this is to use a ‘password safe’ to store your passwords. Create a memorable, but long passphrase for your password safe, and use it to generate long, random passwords for any internet site you use. I use 1Password but there are many other choices, including LastPass. Both come highly recommended and are completely self-contained (that is, they use TNO). Both of these have plugins for your browser that will allow you to auto-fill userids and passwords with a keystroke and by entering your passphrase for the safe. An example of a long, memorable password (do NOT use this one) is: OneSmall$tepForAMan1. That’s trillions of centuries of protection. That should be enough. 🙂 Do NOT use your login password for your safe and do NOT allow your password safe to open automatically or stay open.
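The arithmetic behind the crack-time estimates and the stem-plus-site-name failure described above, as an added example (not the author's code). It counts every candidate of 1 to n characters, audits a vault for passwords built on a shared stem, and generates independent replacements; the guess rate, the sample vault and all function names are constructed for illustration.

```python
import os
import secrets
import string

# Printable-ASCII character classes and their sizes (26 + 26 + 10 + 33 = 95).
CLASSES = [
    (string.ascii_lowercase, 26),
    (string.ascii_uppercase, 26),
    (string.digits, 10),
    (string.punctuation + " ", 33),
]
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def alphabet_size(password):
    """Size of the alphabet an attacker must cover for this password."""
    return sum(size for chars, size in CLASSES
               if any(c in chars for c in password))


def search_space(alphabet, length):
    """Number of candidates of 1..length characters over the alphabet."""
    return sum(alphabet ** n for n in range(1, length + 1))


def years_to_exhaust(password, guesses_per_second):
    """Worst-case brute-force time in years at the given guess rate."""
    space = search_space(alphabet_size(password), len(password))
    return space / guesses_per_second / SECONDS_PER_YEAR


def audit_vault(vault, min_stem=6):
    """Find passwords built on a shared stem.

    Returns (site_a, site_b, stem, suffix_is_site) tuples. suffix_is_site is
    True when what follows the stem is just each site's name, meaning one
    leaked password discloses the other with no guessing at all.
    """
    findings = []
    sites = sorted(vault)
    for i, a in enumerate(sites):
        for b in sites[i + 1:]:
            stem = os.path.commonprefix([vault[a], vault[b]])
            if len(stem) < min_stem:
                continue
            suffix_is_site = (vault[a][len(stem):] == a
                              and vault[b][len(stem):] == b)
            findings.append((a, b, stem, suffix_is_site))
    return findings


def random_password(length=16):
    """Independent random password drawn from the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))


# Constructed sample vault: two entries follow the stem-plus-site pattern.
SAMPLE_VAULT = {
    "amazon.com": "D0g12345678910amazon.com",
    "netflix.com": "D0g12345678910netflix.com",
    "bank.example": "q7#Vt!2mZx@9Lw4$",
}

if __name__ == "__main__":
    rate = 1e11  # assumed guess rate; change it to model a different attacker
    for sample in ("aB3$xY7!", "aB3$xY7!qZ", "aB3$xY7!qZ9&"):
        print(len(sample), "chars:", f"{years_to_exhaust(sample, rate):.3g} years")
    for finding in audit_vault(SAMPLE_VAULT):
        print("shared stem:", finding)
    print("replacement:", random_password())
```

Run the audit only against your own exported vault, on a machine you trust, and delete the export afterwards.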
Shred ALL paper that you are disposing of (E: High, C: Low, D: Low)
Probably the single most effective thing you can do. Remember, once you put your recycling out by the curb you lose control of it. There is no privacy right nor protection from search for anything that is intentionally abandoned (including email stored on a remote server, like Google, if it’s more than 6 months old). Get yourself a good cross-cut shredder. Mine cost about $200 and turns a standard 8.5×11 sheet of paper into about 3000 diamond-shaped particles. No group of Iranian women is going to put THAT back together! It also shreds CDs, DVDs and credit cards. Nothing that has your name, address, account numbers, etc, should ever leave your house intact. While there is a bit of an up-front cost, it’s not high given the life expectancy of a good shredder and the effectiveness of shredding anything before the government (or identity thieves) can get their grubby hands on it.
Hand deliver your recycling to a drop-off point (E: High, C: Low, D: Low)
If your community has recycling drop-off, use it rather than curb-side pick-up. If you drop it off, it becomes very difficult to trace to you, especially if you’ve shredded anything that can identify you. You’d be amazed what could be learned from your trash and recycling! In our area we have a drop-off that takes everything that the curb-side pick-up does and also takes shredded paper. If your community doesn’t take shredded paper, find one that does or dispose of it as trash. Be sure to destroy anything that could identify you (shipping labels, prescription bottle labels, etc) before you drop it off.
Note: Handle electronic recycling (or re-sale or donation) VERY carefully. Any storage media must be wiped before you dispose of the device. A good method is to wipe the drive (most systems have a way to do this) and then re-install the basic OS. This makes it nearly impossible for anyone, even the NSA, to discover what was on the device.
Compost anything that can be composted (E: High, C: Low, D: Low)
This is for the truly paranoid and the gardeners. Any table scraps, cuttings, spoiled food, etc, goes into a compost barrel (a 35-50 gallon rubber trash can works well for this). Use the compost in your garden. Snoopers can’t look in your trash and see what you eat, etc. Implementing this, along with the two previous items, should leave you with almost nothing for the garbage man. The money you save in trash fees (we get charged by volume) should cover the costs of the shredder and trips to the recycling center.
Use cash for as many local transactions as possible (E: Med, C: Low, D: Low)
Cash transactions are, at least for the time being, very difficult for the government to track. So long as you do not identify yourself to the merchant in any way (see below on loyalty cards), it is very, very difficult to track your purchases. Sure, it might be possible for facial recognition software to match you to your purchases, but that kind of data collection isn’t even on the radar (except perhaps in casinos). This won’t cost you more than a trip to the ATM to withdraw money once a week or so. Stores mostly don’t want checks and they don’t pay a fee when you give them cash. You get the added benefit of cutting down the amount of money the banks take in and increasing the store profit.
Drop your cable/satellite subscription (E: Low, C: Low, D: Low)
This is one that will save you a lot of money, but may not be very effective. Sure, the government could get a list of the shows you watch, but nothing that the cable companies provide for viewers is likely to be illegal. There is a small potential that watching “Doomsday Preppers” could be used to show that you are a survivalist, but a good chunk of the jury likely watches it as well! That said, if you only watch over-the-air broadcasts and DVD’s it’s pretty much impossible for the government to know what you are watching short of a warrant to search your house for DVDs. Note that watching via Netflix or other streaming service, or from a website or via iTunes purchases can be tracked, so again, the effectiveness of this step against the government is limited.
Encrypt all of your data at home with a strong passphrase (E: High, C: Low, D: Med)
I listed this as medium difficulty because on Windows it’s a bit more complicated than it is on a Mac, and you likely will need some help if you are not tech savvy. Before you begin, you must change your login password to something difficult to guess, then encrypt your system. If you have a Mac, this is trivial to do (enable FileVault with one click, provide a strong passphrase and you are done; then encrypt your Time Machine disk, if you have one). On Windows, you will likely need something like TrueCrypt. Remember to never walk away with your computer unlocked/logged-in.
This is a VERY, VERY important thing to do. It will slow your computer a bit, but not significantly (and if you have an SSD instead of spinning disk you likely won’t notice at all). Doing this ensures that your computer is safe from government eyes. It’s important that you never, ever, ever give anyone your passphrase. The government can’t force you to give it to them (based on your 5th Amendment right against self incrimination), but they could force your wife, best friend, kid and, under the right circumstances, possibly your lawyer, to turn it over. If you put it in a safe, a safety deposit box or at a friend’s or relative’s house, a search warrant will get it.
It’s imperative to also ensure that you ALWAYS use ‘Secure Delete’ if you have a physical disk in your computer. Even if your disk is not encrypted, this will ensure the data can’t be recovered. Note that if you have an SSD, it is simply not possible to ‘Secure Delete’ due to the technology and you shouldn’t even use it since all it does is shorten the life of your SSD! Whole-disk encryption is the only way to go. And you absolutely must keep your passphrase secret.
NOTE: Phone and tablet encryption is highly variable and it’s always possible that the vendor (e.g. Apple, Samsung, Google, etc) could decrypt it. For Apple devices, once you set a lock code the device is encrypted. It’s easy to brute force this encryption if you only use 4 digits. If you enable complex passwords, you increase your security, but still are vulnerable to vendor-assisted decryption.
Keep no paper records (E: High, C: Low, D: Low)
Once you encrypt your disk (that’s why this one follows encryption despite being much easier) scan any documents you need to keep and destroy the originals. In the very, very rare case of a document you absolutely must keep, give it to your attorney for safe-keeping. Scan everything else, put it on your encrypted drive, ensure you have a secure, offsite, working backup and then shred the original. No paper makes it infinitely harder for the government to get that information—your passphrase is only in your head.
Use web services such as backup or file-sharing only if they are TNO (E: High, C: Low, D: Med)
Let me say right up front that DropBox is NOT secure. They can decrypt your data. Period. Don’t believe me? Listen to Steve Gibson’s podcast on cloud storage. As of this writing, July 26, 2013, neither Google Drive nor SkyDrive is secure either. They do not encrypt data with a TNO (Trust No One) model. The data is secure in transit, but they control the encryption and your data is just a National Security Letter away from the government’s hands. I use ‘SpiderOak’ (recommended by Steve Gibson) for my secure storage. They do NOT have my encryption keys and all they could turn over to the government is the encrypted data. With no keys, only brute-force methods could potentially extract the data, and with current computing powers, the universe will end before they crack the passphrase (it’s long and completely random).
Backup software should work the same way—it has to encrypt the data with a passphrase only you know before one bit leaves your computer. I use ‘Arq’ on the Mac and store the backups on Amazon’s S3 storage. Note that S3 is NOT secure by itself, you must encrypt the data BEFORE you send it to Amazon’s cloud.
[Note: This is the point at which I am currently operating. The rest of this is too much for me, at least at this point, though I do some part of some of the below.]
Only buy firearms or other self-defense items in person and with no registration (E: High, C: Low, D: Med)
If you want to have tools for self-defense, you need to buy them in-person and from someone who can sell to you without telling the government about it. In other words, private sales at a gun show. If you buy from a licensed dealer, you will need a background check and forms filled out. While the forms aren’t sent in, the government can get them as needed. They will know what you have, when you bought it, etc.
Why is this the first item in the “I don’t do this” list? It is because Illinois requires a FOID (Firearms Owner ID) card to have any firearm in your possession, even in your own home. I am also required, because of my job, to keep current a list of all firearms I own with local law enforcement (the price you pay for clearance to enter the secure areas of the police station). In other words, at this point in my life, I can’t do this. Of course, moving out of IL would solve this, so long as I moved to a state with no ID card or registration requirement, and didn’t have a job that required me to disclose or report on firearms.
Use a VPN or TOR for web surfing (E: Med, C: Low, D: Med)
It is possible to obfuscate much of what you do on the internet. This could be highly effective, though the government will know that you are using such a service and which one, and there is a possibility that they could gather information from such a connection. If you use any site that they are monitoring (e.g. get the logs for or capture with PRISM) they will know you used it and STILL be able to do traffic analysis if you login. That said, this does make it somewhat harder on them.
Using a VPN (Virtual Private Network) encrypts all of your traffic from your computer and sends it to another computer on the internet. That computer then sends your traffic, intermixed with every other user’s traffic, to the ultimate destination. Data comes back to you in the reverse fashion. One highly recommended service is ProXPN. TOR works in a similar way, but has random components to it that make government tracking more difficult. Just download the TOR Browser and use it to surf. Both solutions will take a bit of tech savvy to implement and you may find that some services do not work as you would expect (e.g. gaming). Even if this can’t keep the government 100% out of your internet use, it’s highly effective in keeping your ISP from snooping or monitoring (no more ‘six strikes’).
Update 2013-08-08: The US government has taken down a significant portion of the TOR network and it may be compromised. There is no real way to know for sure, so I strongly suggest not using it. Reports say that government-created malware was inserted into TOR, though this cannot be confirmed. In the end, I think TOR is fatally compromised, at least in its current invocation.
Ditch your I-Pass (electronic tolling), Chicago Card (bus pass) and other e-payment devices (E: Low, C: Med, D: Low)
Every time you use some form of RFID/WiFi/NFC payment system, you are tracked. That means every time your car goes through the “tollbooth” and every time you swipe your card to get on the bus, records are kept. You are tracked. Period. By not using these devices you deprive the government of that data. Unfortunately, this is very ineffective, at least for tolls. License plate scanners read every single plate that goes past the tollbooth. That data is stored. You are tracked. The only real solution is to give up your car, which is way too much for me.
Stop using store loyalty cards (E: Med, C: Low, D: Low)
This will immediately deprive both the merchant and the government of a direct tie to you if you pay cash (if you are using credit cards, this step will do nothing to help you; it only works in combination with paying cash). This is an easy thing to do that is very effective. It will likely cost you some money or time, depending on whether you have to shop multiple places to get the best prices or you bite the bullet and pay more by not taking advantage of the loyalty card discounts. From my perspective, this cost/time trade-off is very low for the success achieved.
Shop only in-person, never on-line (E: Med, C: Med, D: Low)
Easy to do, but you’ll give up the convenience of Amazon Prime shipments showing up 2 days after ordering at your house, the lower prices that usually can be found on-line and the far greater selection available. If you want to ensure that no records of what you buy fall into the wrong hands, this is a necessary step.
Eliminate use of Credit Cards, Debit Cards and ATM Cards (E: High, C: Med, D: Med)
Here you start to give up significant options in your life. COD has gone the way of the dodo. That means ordering on-line requires either a credit/debit card or a bank account. All of these are tracked. Your only option is to use gift cards, and these only work for some merchants (e.g. Apple for iTunes, Amazon.Com, Target, etc). That said, they still have to ship things to you and that means records of what you bought. Period. This does cut your bank or credit card company completely out of the transaction, assuming you pay cash for your gift cards.
Stop using your mobile phone, GPS, computer etc (E: Med, C: High, D: High)
I rate this one as only medium in effectiveness and high in cost and difficulty. Why? Because the convenience and usefulness of these devices is so high and the effectiveness of ditching them is, at best, medium, that it’s just not worth it to me to get rid of them. Why aren’t these effective? You’ll still have utilities in your name, your car can be tracked by license plate scanners and your mail is being monitored. Not to mention the fact that every day more and more things are computerized and ‘paper’ options are fewer and fewer. To me, you give up too much to gain too little.
Note: If you have a phone, it doesn’t matter if you use location services to check-in to places. Foursquare, Facebook, etc, do not give the government any additional information that they don’t have. Since the phone companies provide location data along with call and message metadata, your location is known at all times. You could turn off the phone, but it’s not very useful, and the minute you turn it on, your location is known.
Reduce your use of the financial system (E: High, C: High, D: High)
This is probably the hardest of all of the ideas to implement. It is virtually impossible to disassociate yourself from the financial services sector. If you want to make purchases on the internet, you must use a credit or debit card, and those transactions are being vetted by the NSA. It is very costly and time-consuming, if not downright impossible, to live without a bank account of any kind. Many employers only pay by direct deposit and most landlords will not take cash for rent. If your employer pays by check (almost nobody will pay in cash except for very rare instances), you could use a check-cashing service but these tend to be expensive. You could also convert your cash to money orders, but this leaves a paper trail, the very thing you are trying to avoid.
Note that crypto-currencies like BitCoin can help you here, but the problem is, in the end, that you still have to have stuff delivered somewhere. And that’s the weak link in the chain.
Go off the grid completely (E: High, C: High, D: High)
This means nothing is in your name. No services, no real estate, no car, no driving license, no passport, nothing. You live as a hermit moving from place to place, hunting and gathering food. Your only possessions are whatever you carry on your back. Since you’re completely out of the financial system (including money), you’ll have to craft anything you need or find a way to barter for it, though barter involves human interaction, and that runs the risk of tracking. Sure, you could have enough silver or gold coins to last for anything you might need, but set foot in town or a store and you’ll be noticed. And, as I said above, intentionally going off the grid will attract attention. They will notice that your mail is being returned/piling up, you aren’t filing tax returns, etc. They will try to find you.
There you have it. Not exhaustive, but a good start at helping you determine how much your privacy is worth. I’m slowly moving down the list. I don’t think the government is going to stop willingly. A massive, massive voter backlash is the only hope, and even then, unless true libertarians are elected, the monitoring will continue unabated. Too many people think that security theatre is worth the loss of liberty and that propagates the bad behavior.
I’ll leave you with two conflicting quotes, one from a Founding Father and one from a current Congressman. It shows just how far America has fallen from our basic principles and why we’re in the situation we are in today.
“When the government fears the people, there is liberty. When the people fear the government, there is tyranny.” [Thomas Jefferson]
“If someone is so fearful that, that they’re going to start using their weapons to protect their rights, makes me very nervous that these people have these weapons at all.” [Rep. Henry A. Waxman, D-California]
I don’t think the disaster we find ourselves in could be shown more succinctly than this.
[Updated 2013-07-25 15:00 UTC for grammar/spelling/clarity and added links I missed before]
[Updated 2013-08-08 11:00 UTC for reports about TOR being compromised]