Since the election, a lot of non-technical folks have started paying more attention to digital security. They’re concerned that the Trump Administration will expand the mass surveillance programs developed since 9/11, and use them against immigrants, Muslims, and political opponents. What are the privacy-enhancing tools you would recommend for the absolute beginner?
The first is Two Factor Authentication (2FA). Gmail, Facebook, Twitter, Dropbox all support 2FA. 2FA means that when you log into your account, you receive a text message with a numerical code that you must enter in addition to your password. So someone would need to know both your password and have access to your cell phone to log in as you. That makes it that much harder for someone to hijack your account.
Everyone should install Signal on their smartphone right now. Signal lets you send encrypted text messages and have encrypted phone calls with other Signal users. That means anyone monitoring your internet connection won’t be able to see the contents of your messages or listen to your conversations. If I sent a regular unencrypted text message, then my cell phone service provider would be able to read my message, along with the government. Encryption protects you from that.
HTTPS Everywhere is a useful browser extension. Many websites have an insecure HTTP version of their site as well as a secure HTTPS version that encrypts your browser’s connection to that site. If you happen to click on a link that takes you to the insecure HTTP version of a site, HTTPS Everywhere will check for the existence of a secure HTTPS version of the site and redirect you to that.
Tor Browser feels just like any other web browser, but it lets you browse the web anonymously by encrypting and bouncing your traffic around between randomly chosen servers that make up the Tor network. But, obviously, don’t sign into a website as yourself if you’re trying to hide your identity. To learn more about how Tor works, see https://www.torproject.org/about/overview.html.en.
ProtonMail is a service that lets you send encrypted e-mails pretty easily. Any e-mail sent from a ProtonMail user to another ProtonMail user is encrypted automatically. The subject line is not encrypted, so people should watch out for that. But the body of the e-mail and the attachments that you send from one ProtonMail account to another ProtonMail account are encrypted. And they have mobile apps that work well.
What about the fear that if you use these privacy-enhancing tools, you may in fact attract more attention from government agencies?
We have two options.
Either we can remain digitally naked and vulnerable and decide not to take basic precautions to protect ourselves online, or, we can make use of these tools and get everyone we know using them until everyone is protected and using such tools is completely normalized.
So you want to be using these tools all the time. You don’t want to turn on Signal only when you’re headed to the protest, for example.
Exactly. If you only use secure messaging when you want to say something that you’re worried about, then you’re signaling—no pun intended—that this is a special message.
Beyond the tools, what should novices keep in mind when it comes to digital security?
Clarify in your own mind which information you want to be public and which information you want to be private. For example, you might be at a protest and you might be broadcasting it on Twitter using a certain hashtag. There are pretty sophisticated analytics and tracking tools that law enforcement use for monitoring social media. Even though it seems like your tweets are being lost in a sea of billions of messages, they’re not. It’s not hard for people to look at your Twitter feed and figure out who was at a protest.
Which things do you really need to do in your name? And which things are just as valuable to do without putting your name on it? Maybe it’s not necessary for you to reveal who you are when you’re spreading awareness of a protest. So you could create a separate Twitter account that does not have your real name attached to it.
What’s your single biggest security fear when it comes to this Administration? What should we be most afraid of?
Let me put it this way: imagine how much worse the Holocaust would’ve been if Hitler had known the real-time physical location of every Jew. The PRISM program is the NSA’s partnership with almost all of the major tech companies. As far as we can tell, every text message, every phone call, every email, every Facebook message, every Google search is being vacuumed up. Imagine if the government wanted to use that surveillance apparatus to target a particular group.
First, for anyone who has a cell phone on them, the government will know exactly where they’re physically located. Sure, you can shut off your phone. But where are you going to go? You’re probably going to go hide with someone you regularly communicate with on Facebook or Gmail (or a family member). And even if you did encrypt all your communications to those people, as long as your real name is attached to them, then the NSA is still going to know who you’re communicating with and how often. They can map out your entire social graph, then pay those people a visit when hunting you down.
I don’t know how you defend against something like that.
That’s pretty depressing.
A less catastrophic but more likely scenario is where the NSA uses its all-seeing eye to continue to collect dirt on every possible political opponent they may have in the future, then leak damaging information to the media to undermine their credibility, thereby establishing a permanent, unaccountable, unelected, mostly invisible oligarchy.
If there are other politicians running against the anti-NSA politician, and these candidates happen to be “pro-NSA” in some sense that the NSA cares about—they want to expand the NSA’s budget, for instance—the NSA can simply not leak anything damaging about them, or even leak positive things.
By manipulating what we know about the candidates, the NSA could effectively undermine our democracy.
So what are the tools that you would you like to see the anti-surveillance community focus on building in the coming years? What kind of technology do we need to avoid the worst-case scenario?
Censorship-resistant applications. It’s easy for governments to block a centralized service. The Egyptian government has blocked Signal in the past—all they have to do is block the Signal website that everyone’s messages flow through, although there are some workarounds that Signal and others are starting to employ. Similarly, the Brazilian government keeps blocking WhatsApp. They block the WhatsApp website, and then WhatsApp doesn’t work anymore for anyone in the country.
I think it’s important to develop privacy-enhancing tools that are not easily blocked.
I’m working on something called CrypTag, which allows you to use any file-syncing service (like Dropbox) to securely exchange information through. I’m also working on the same feature for image hosting sites like Imgur: by stuffing encrypted messages into images, you’ll be able to use any image hosting service as an encrypted chat server. But chat is just one obvious example application. There’s also document editing, sharing contacts, sharing bookmarks, and so on.
We need to make censorship infeasible by having many different ways of sending information around securely, rather than relying on centralized services. Then there won’t be just a couple websites that a government can block to prevent everyone from securely communicating.