Private conversations

The past decades has seen what is often referred to as the information revolution. It has changed how we communicate and organise. And besides the opportunities this has created for people to connect easily across borders, it has also created opportunities for corporations to make more profit (off of our data) and for governments to control “their subjects” (with or without consent). There is nothing new under the sun concerning the core intent of the two: “corporations are after profit” and “governments are after control”, but will people take it all lying down? I daresay we will not be fooled (again). State surveillance is not aimed at “terrorists”.

Each and every one of us can make the internet a safer place by adopting security and privacy practices. If we all get in the habit of doing things as securely and privately as we can, each of us can be a cut-off sharp excrescence of a plant, especially a sharp-pointed aborted branch, in the side of the surveillance state. In the end, the surveillance state can hear and read everything, but let’s do our darndest to make that as expensive as possible.

private2

Civilisation is the progress toward a society of privacy? Looking at the growing global (surveillance) state, you could have fooled me.

Sensible habitual questions

Does whatever it is that you wish to send require communication in real time, or is it okay if it is received later? How will the receivers of your message know it is really you that sent it? And how can we make it as hard as possible for spying corporations and governments to read it?

  • What to share with whom, when and how? – What do we really need to send out? Does it “incriminate” you? Does it “incriminate” others? Will it allow others to undermine your intended action or operation? Only share with people that really need to know that you are ordering enough Maalox to serve all patients with indigestion, heartburn, gastroesophageal reflux disease, or stomach or duodenal ulcers in your town or city, or for some other purpose.
  • Asynchronous communication – If it’s okay people receive the message later, you can use email. To make sure people know it’s you and to make it hard for spies to read content, you can sign/encrypt your messages using PGP (GPG). PGP does have some limitations and it is by no means a perfect solution, but it is much better than sending unencrypted emails. Unfortunately, one big reason for lack of adoption is simply that too many people are intimidated by it. The good news is that you really don’t have to understand how PGP works in order to start using it: Get Started with PGP in 10 Minutes or Less.
  • Authenticated communication – Email with PGP and most chat tools allow you to set up authentication, but when deciding on a tool, make sure that it does. Skype for instance, besides being beyond repair, allowed encryption but not authentication. Many mobile devices allow for encryption, yet not authentication. To a certain extent a phone is authenticated (because people can recognise your voice). And keep in mind that phone calls can be and actually are intercepted.
  • Encrypted communication – Analogue landlines are not encrypted, and it is very easy to tap them. Such tapping requires physical access to the line, from for example the phone location, distribution points, trunks, cabinets, bridges and the exchange itself. Cellphones are also easily traced and “tapped”. There is no (or only limited) encryption, the phones are traceable – often even when switched off– since the phone and SIM card broadcast their International Mobile Subscriber Identity (IMSI). It is possible for a cellphone company to turn on some cellphones when the user is unaware and use the built-in mic to listen in on you.

Computer forensics

[linkview show_cat_name=”0″ cat_name=”Computer forensics communication”]

Email

If you need a contact email, get one from one of the autonomous servers. A/I and Riseup also offer their services as Tor hidden services:

[linkview show_cat_name=”0″ cat_name=”Access via Tor Hidden Service”]

Encrypt your email with gpg, consider using TorBirdy, or get an i2p email address that you only give to a few selected souls …

[linkview show_cat_name=”0″ cat_name=”Email”]

You may also wish to change some email client settings. This post describes how to do that in thunderbird.

For registrations, you can use a disposable email address:

[linkview show_cat_name=”0″ cat_name=”Disposable Email”]

Instant Messaging

[linkview show_cat_name=”0″ cat_name=”Instant Messaging”]

For more on anonymising your traffic by using other protocols, see the mage arena guide.

Phones

Tip: You can easily “jailbreak” a phone with tools such as Pangu or evasi0n. A readable article is Jailbreaking an iPhone – An Easy Guide to Free Your iPhone

Many companies and individuals have developed an amazing range of software applications for cell phones – some to enhance the features and capabilities, some just for fun, some for spying, some for anti-spying. There are literally thousands but if you have a regular iPhone you can’t use them unless it has been jailbroken. Jailbreaking will give you the freedom to choose from sources. Total freedom and choice – strike a blow!
[linkview show_cat_name=”0″ cat_name=”Phones”]

Anti forensics

[linkview show_cat_name=”0″ cat_name=”Anti forensics”]

Leave a Reply

Your email address will not be published. Required fields are marked *