Snowden's Tough Advice For Guarding Privacy
While urging policy reform as more important than per-person safeguards, Edward Snowden had a few pieces of advice on maintaining online privacy for attendees at Saturday's New Yorker Festival. As reported by TechCrunch, Snowden's ideas for avoiding online intrusions (delivered via video link) sound simple enough, but may not be easy for anyone who relies on Google, Facebook, or Dropbox, since those are three companies he names as ones to drop. A small slice:
He also suggested that while Facebook and Google have improved their security, they remain “dangerous services” that people should avoid. (Somewhat amusingly, anyone watching the interview via Google Hangout or YouTube saw a Google logo above Snowden’s face as he said this.) His final piece of advice on this front: Don’t send unencrypted text messages, but instead use services like RedPhone and Silent Circle. Earlier in the interview, Snowden dismissed claims that increased encryption on iOS will hurt crime-fighting efforts. Even with that encryption, he said law enforcement officials can still ask for warrants that will give them complete access to a suspect’s phone, which will include the key to the encrypted data. Plus, companies like Apple, AT&T, and Verizon can be subpoenaed for their data.
Google and Facebook make our lives easier in many ways. Just understand that what you say is not truly private and use common sense about what you post there.
The key is on the phone. Easy enough for any TLA to get unauthorized access to without the owner's knowledge. Apple's new policy changes nothing.
I am becoming gerund, destroyer of verbs.
Of course government can read my e-mail. All they have to do is waterboard me. Or install enough cameras in public places to capture my unlock pattern. The question is what we allow the government to do, and in a democracy we deserve what we get. No amount of encryption is going to solve this problem. We should have a direct popular vote for a commission of constitutional enforcement and then if a majority of them rule that some secret agency is in violation, they will be able to disclose it legally.
Google analytics and ads are everywhere so even if you don't directly use their services like Search and GMail, you are still being tracked by them.
Also, your browser sends referrer headers which tell whatever site you're visiting where you came from. Your browser + browser plugin profile can be used to narrow down who you are even behind Tor. Browser plugins like Adobe Flash save their own set of cookies separate from regular browser cookies.
If you use the Internet, you're being tracked. You may be able to help yourself be tracked _less_ by taking some precautions, but that's about it, I think, for the average person.
I used FB for years before finally closing my account down. No doubt that data will stay in their system forever. Like a drug, better to not start at all than to have to quit.
Basically it boils down to: law enforcement are going to do what they're going to do. I know I'm being tracked, I try and keep my nose clean, and whatever happens happens. I'm not going to live my life all paranoid.
Simply avoiding Facebook, Google and the rest isn't going to serve much. Because that makes you stand out, too. Use them. Fill them with enough goody-two-shoes garbage that you're uninteresting enough. Invent some innocent hobby or two for you to have so you can fill that page with something. Invite friends (whoever you run across will do, just make sure that they're not in some way "odd").
The important bit is just to keep your real life apart from your official one. And yes, before you ask, your work belongs on the "official" side. Along with your official family and everything else that can easily be connected to you with existing data. Don't try to hide what can be proven to belong to you.
And yes, 10 years ago I would have agreed that doing something like this means your tinfoil hat is sitting too tight. Today, I ain't so sure anymore...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
gpg, when you can.
To encrypt, but have the encrypted output be encoded as text (so it can be copied and pasted into an email):
gpg --symmetric --cipher-algo AES256 --armor example.txt
(gpg will then ask for a passphrase, make it long, as random as possible, upper and lower case, a punctuation, and a number)
TO DECRYPT
gpg --output example.txt --decrypt example.txt.asc
Steve Gibson has a very cool Internet resource for helping people learn about password strength: https://www.grc.com/haystack.h...
Per the haystack page:
Example passphrase = search space size
64 characters of hex = 4.13 x 10^99
63 characters of hex, plus adding a punctuation symbol = 4.93 x 10^117
62 characters of hex, plus adding a punctuation symbol, plus adding an upper case letter = 3.79 x 10^126
Uh, Linux geek since 1999.
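The haystack figures quoted above can be reproduced with the calculation below, an added example that is not part of the original comment or of the GRC page. It assumes the model those numbers imply: the alphabet is the sum of the character classes present (26 lowercase, 26 uppercase, 10 digits, 33 symbols) and every length up to the passphrase length is counted. The sample passphrases are constructed, and the last figure goes one step beyond the quoted list by showing the space left once the attacker knows the passphrase is hex.

```python
import string

# Character-class sizes assumed for the haystack model: 26 lowercase,
# 26 uppercase, 10 digits, 33 symbols (32 ASCII punctuation marks plus space).
SYMBOLS = string.punctuation + " "
CLASSES = (
    (string.ascii_lowercase, 26),
    (string.ascii_uppercase, 26),
    (string.digits, 10),
    (SYMBOLS, 33),
)


def alphabet_size(passphrase):
    """Sum the sizes of every character class that appears in the passphrase."""
    return sum(size for chars, size in CLASSES
               if any(c in chars for c in passphrase))


def haystack_space(passphrase):
    """Count all strings of length 1..len(passphrase) over that alphabet."""
    n = alphabet_size(passphrase)
    return sum(n ** k for k in range(1, len(passphrase) + 1))


def sci(value):
    """Format a large integer as d.dd x 10^e, the notation used in the post."""
    mantissa, exponent = f"{value:.2e}".split("e")
    return f"{mantissa} x 10^{int(exponent)}"


# Constructed sample passphrases (illustration only, never use them).
HEX64 = "0123456789abcdef" * 4
HEX63_PUNCT = HEX64[:63] + "!"
HEX62_PUNCT_UPPER = HEX64[:62] + "!" + "Q"

# What an attacker who knows the passphrase is 64 hex characters must search.
KNOWN_HEX_SPACE = 16 ** 64

if __name__ == "__main__":
    for label, p in (("64 hex", HEX64),
                     ("63 hex + punctuation", HEX63_PUNCT),
                     ("62 hex + punctuation + upper", HEX62_PUNCT_UPPER)):
        print(f"{label:30} alphabet={alphabet_size(p):3} "
              f"space={sci(haystack_space(p))}")
    print(f"{'64 hex, format known':30} alphabet= 16 "
          f"space={sci(KNOWN_HEX_SPACE)}")
```

The quoted sizes hold only against a search that does not know the passphrase format; a 64-character hex string carries 256 bits, so adding one symbol or capital letter enlarges the assumed alphabet rather than the randomness actually generated.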
On the device, the data that is encrypted uses a key derived from the password or pin. This is very similar to how you'd encrypt any local file. Anything you can still get to after forgetting your password and resetting it obviously was not encrypted with that forgotten password.
On their cloud, some things are technically encrypted, but the encryption isn't very effective. Anything you can access via their website or apps, including email and photos, they have access to. Email is a good example- their web site shows you the To, From, and Subject lines of the messages, so obviously their server has access to read the emails.
In general, encryption of live, working data on a server is _often_ largely security theatre. Sure, if a bad guy physically broke into the datacenter and walked out with the server, the encryption of the disk would make it hard for him to access the data. As long as the server is up and running, any data the server can access can also be accessed by a hacker with a presence on that server. In these cases, the key is for one of the server's disks, so it's generated by Apple and probably sitting on the same server where the data is. With tens of thousands of servers, you don't have human beings walking around typing in passwords, so the key needs to be on the server. If the hacker is in the server ...
The data is encrypted in transit via ssl/tls. For that time period, it's encrypted via tls/ssl. First Apple's ssl key is used, then a per-connection key is generated.
Holes, where the data is not encrypted at all, and there is no key, occur at transition points. The web server takes the ssl encrypted data, decrypts it, and hands it off to the storage layer to be "encrypted" on disk. Quotes are on the disk encryption because as discussed above the encryption on disk is largely illusory. Similarly with the transition from your phone to the upload to the server. Your phone decrypts it with your key, encrypts it with the ssl key, and then sends it to the server.
Those transition points in which the data is unencrypted are vulnerable points which are targeted for attack. I've confirmed at least one case where I've seen the transition point on the server compromised. Fortunately, I _think_ I may be the one who tapped the data and logged it at that point, for debugging and recovery purposes. I forgot to turn off the logging when we went into full production, I think.
Here is the rub:
A company breaks up a key into pieces and says that no single division or part can decrypt data.
However, with the proper "encouragement" via a government (similar to how India "encouraged" RIM to give them access to BIS servers), the data can still be obtained. iPhones are quite closed devices, and in theory (mind you, this is theory), Apple could push some code to the phone belonging to a person of interest that would either install a backup key, pull the key out, or download data in the background.
Android, similar... but with Android, there are so many different ROMs, phones, and configurations out there that it would take some doing and not just typing an IMEI number, click "spy", and be done with it. It is quite possible, but not as easy.
Do I trust Apple? There are other big companies who have started to play policeman and actively sift through their subscriber data and hand things over without being told to do so. Apple doesn't actively do the virtual equivalent of going through one's belongings with a fine tooth comb, then bringing in the police if something illegal is found under a couch. There is already enough fighting to keep government powers at bay. Having private companies act as another police force is unacceptable, no matter how noble their aim.
Would I stay at a hotel knowing that my stuff there will be sifted through for anything illegal, and my phone calls taped and actively listened to for any activity? Nope. I'm sure the "do you have anything to hide" argument will be brought to bear, but if the company storing my data is now someone actively trying to find a way to cause me legal issues, I'll take my business to another place that doesn't do that. I feel that Apple hasn't tossed anyone to the wolves, so they are probably a lesser evil in this department, although who knows where their data ends up, as their devices are made in China, and the Chinese government has just as much say in what goes into them as Tim Cook does.
Don't forget -- "illegal" applies globally. The US has extradition agreements with Saudi Arabia and Turkey, so technically, a US citizen can be extradited to KSA for something anti-Islamic (giving a church flyer to a Muslim), and then beheaded even though the person never set foot outside the US. So, what may be something one doesn't worry about now may be something (and their families) that one might be killed over in a few years.
Another example is Thailand's lese majeste laws. A US citizen who poked fun at Thailand's leaders can be deported there, even though the person never was in the country. Having a private company look for these types of things, items that people never thought of, then they get arrested and shipped overseas to stand trial in a country they have never even seen is something that is inevitable. Someone may be a 100% law abiding person in the US and have nothing to hide... but with extradition treaties, they might be breaking laws in a country they have never heard of and can be hauled off for that (Kim Dotcom, anyone?). So, privacy is a must.
Do I trust Facebook? Rule 1 of the Net. Don't put it up unless you want the local DA, Feds, and your worst enemies seeing it. With that in mind, plus common sense partitioning (run your FB Web browser in a sandbox or container separate from everything else), FB is tamable. It is a must these days (I've been turned down for jobs because I didn't have a FB ID, as an IT worker without a FB or Twitter account is considered a "fossil".)
Do I trust Google? I use their services, and have found that Android is well written. Even the disk encryption is decent, especially if you separate the dm-crypt partition passphrase from your unlock PIN, making your /data partition extremely tough to brute force open. I'm not really worried, as they are not any worse or any better than other places.
Do I trust Dropbox? Similar to above. Neither worse nor better. However, I do pack my own parachute and use Boxcryptor (not 10
Well, that's why you use throwaway identities: http://www.fakenamegenerator.c... It may not be 100% foolproof, but it certainly makes it harder for others to build an exact profile of you. Most especially use something like Lastpass to import 3000 generated identities that you can randomly pick from to auto fill forms.
Try startpage.com. It uses results from Google, but isn't Google. As far as I can determine, they don't log anything you do.
It also happens to be the default search engine of the Tor browser, which should say something as it goes way out of the way to make sure your activity is completely anonymous.
Mainly to make the authorities go through the front door, you know, as the constitution says they should.
They hate having to follow that old rag's commandments though.
... it would be like having to constantly avoid highways and grinding your way through crumbly outback routes.
Really? Other than youtube, I don't think I've bothered with google in years. ixquick is a reasonable search engine (and there are others as good). It even has a google gateway, and it's https. mail.com (among others) offer free email.
Other than the wonderful feature of NSA slurping everything you do, what's google really do for you?
I've nothing really against google. I just prefer not to go that way.
"Tongue tied and twisted, just an Earth bound misfit
they need a warrant, and have to go through proper legal channels.
I take it you've been living under a rock for the past decade.
As far as I can determine
But what's that worth? They're pretty much silent on their internal operations. Who owns them? Who runs them? What does their infrastructure look like? How about their business model?
I don't trust any of the search providers as far as I can throw them. If you've got to make a search and you're worried, do it over a public network somewhere else with a spoofed mac and/or over Tor (for starters). Start by locking down your box and then lock down your habits.
You need to take Apple at their word for most of those. There's proprietary hardware and binaries in the mix. There's no independent outside audit. Your level of trust is disturbingly naive in an era where corporations and governments lying to citizens is the norm.
Apple may well be telling the truth about all of them. But to put actual trust in it is fanboiism itself. Right now, you can't trust much of anything. In short, we're stuck between a rock and a hard place. We need to get work done, to interact with others, to be productive in general--but the best options available to us are lousy.
Trust comes at a high premium and isn't given lightly.
His advice is so stupid that I'm really beginning to wonder whether he is still working for the NSA. It's not only inconvenient, it actually puts you at a greater risk.
Computer security is really not that different from physical security: locking up everything from everybody is a lot of work, inconvenient, and expensive.
For most things, Google and Facebook are perfectly fine. Hysterical avoidance of them is not only inconvenient, but switching to supposedly more secure services will either make you appear suspicious, or you may simply be running into the open arms of some intelligence service that is using those services as a front.
Information you don't want to fall into the hands of criminals, you should encrypt; online storage may be fine for some if you are good about encryption and it's not that critical. For really critical information, use local USB drives or paper.
Is there information you don't want to fall into the hands of government? Yes, even if you are law-abiding. You want to avoid being a false positive on some witch hunt for terrorists or drug offenders, and you don't want to give corrupt prosecutors the ability to blackmail or pressure you into admitting things you didn't do. So, keep your Magic Pony gay porn collection off the Internet and encrypt it, keep your medical information on paper, and purchase your fertilizer and cold medication with cash when you can.
Actually, I do read source code, you imbecile.
Careful who you're calling "imbecile" there. Reading source code doesn't do a damned bit of good unless every line of code on your machine was built *by you* from the same source you audited, using a known good compiler. Every executable, every driver, every library, every damned line of code that executes on your hardware.
Blocked in my 'hosts' file. See: http://winhelp2002.mvps.org/ho...
Knowledge is power; knowledge shared is power lost.
Too bad any long-distance wireless frequencies are regulated and would result in breaking the law with very stiff fines and possible jail sentences. Plus you could be sued by the big telcos for interfering with their paid-for air-waves. Even HAM radio does not allow noise or encryption to be transmitted over the radio waves.
You can always use an encrypted VOIP service I suppose, but technically that is controlled as well, not to mention that the NSA is also developing/buying 0-day exploits so they can break into your computer/router/modem/etc and spy on you that way so even the encryption will not be secure... A bit tin-foil paranoia on that level, but not impossible as it is already being done here in the USA, and who knows how many other things that they are doing that the public is unaware of or how bad it will get into the future.
But I know that there are people working with the source code. An obvious backdoor would have been found, e.g. by the cyanogenmod people, so it needs at least to be more subtle.
Is this where "the man" dangles a puppet in front of your eyes so you forget about everything else? Say I never used facebook, dropbox and google and steer clear. Now "they" only have phones, credit cards, bank statements, anything I get shipped, plane stubs, hotel reservations, car license plates, cell- and/or smartphones and a bazillion other things to know exactly what I ate last Tuesday and to violate my privacy which, judging by the attention wh**ing online, nobody cares all that much about anyway it seems.
"Only one thing is impossible for God: To find any sense in any copyright law on the planet." - Mark Twain
That only has a limited effect. https://panopticlick.eff.org/ This is one of the SIGNIFICANT downsides of being a geek. Running Linux, alternate browsers, having unusual plugins, etc. all make it very easy to identify your particular machine on the 'Net.
I know of at least 2 very big projects that have backdoors injected in them and no one has a clue.
Really? Well, it's free software, so either inform someone or get cracking. I see you're being very vague about this.
People use Gmail because it is generally reliable, they abstract them from whatever ISP they may have at the moment, and appear to be free. But mostly because they appear to be free, because the other two can be had elsewhere. But we all know it isn't free. They have your data. I personally don't believe they don't mine your data. The cost is your personal information not really being personal. But cash money is a powerful thing. And with new job creation tending towards "would you like fries with that," saving cash is more important to most than saving privacy.
-- I ignore anonymous replies to my comments and postings.