The death of online privacy had already been proclaimed long before Edward Snowden landed in the international spotlight, but if it wasn’t confirmed back then, Snowden’s NSA revelations surely must have extinguished the last vestiges of hope in even the most die-hard optimists.
“We’re in a predicament,” Phil Zimmermann, Pretty Good Privacy creator and cofounder and president of Silent Circle, told LinuxInsider. “Everything we do on the Internet is being captured in a vast database — it’s a kind of Panopticon.
“We have to do something about this,” added Zimmermann, an Internet Hall of Fame inductee. “We have to push back in policy space as well as use countermeasures like encryption.”
Public policy changes rarely happen quickly, of course. In the meantime, those countermeasures are looking more and more like users’ best bet.
‘They’re Capturing Your Browsing’
“I’d recommend making phone calls with Silent Phone,” Zimmermann suggested, and “for email, PGP, GnuPG or something like it.”
As for other online activities, “there’s a lot of things you do on the Internet that leak information,” he added. “They’re capturing your Web browsing.”
SSL and TLS are both protocols Zimmermann recommended using.
In addition, the Tor Web browser is “a good idea,” he said. “I would recommend using Tor for visiting any website you would prefer to not have recorded.”
‘Deliberate Back Doors and Stupid Bugs’
On the road, if you’re in a place where there may be a lot of interception, Tor or a VPN can help protect privacy, though not all VPNs are equally secure, noted Zimmermann.
“I use open source OpenVPN, but you have to have a server somewhere to connect to, and that’s usually a paid service,” he pointed out.
In general, open source technologies tend to be a better bet, Zimmermann said.
“I’ve always recommended that people not trust any crypto software unless they publish the source code,” he explained, noting that the availability of that code serves as a sort of protection against both “deliberate back doors and stupid bugs.”
‘The Entire Reason Is to Protect Privacy’
Then, too, there’s the Blackphone, which was officially launched at this year’s Mobile World Congress by SGP Technologies, a joint venture between Silent Circle and Geeksphone.
“The entire reason for it to exist is to protect privacy,” Zimmermann said of the US$629 device, which includes Silent Phone, Silent Text, Tor and a VPN among its features.
“We’re putting a lot of effort into making it as good as we can in terms of the OS and apps and configuration, all toward protecting your privacy,” he said.
The Navy SEALs, U.S. Special Operations Command and Canadian Special Operations Regiment are all among the device’s users, Zimmermann said.
“We figured nobody would ever ask us to put a back door in if our own agencies were using it,” he added. “That strategy seems to be working.”
KPN Mobile is the inaugural launch carrier for Blackphone, serving European regions including Belgium, the Netherlands and Germany.
“We’re hoping it will shame other European carriers into following their example,” Zimmermann said. “U.S. carriers will have to wake up and smell the coffee.”
At the same time, “whatever the level of cryptography you’re using, the NSA can probably break into your home network, install keyloggers and grab whatever they want — passwords, private PGP keys, screenshots, etc.,” Cyril Soler, a developer on the RetroShare project, told LinuxInsider.
“This is always easier than breaking the encryption,” he explained. “Their ability to do that is facilitated by the backdoors they probably force American companies to put into their hardware and software.”
RetroShare is an open source, cross-platform, “Friend-2-Friend” and secure decentralized communication platform that lets users securely chat and share files with others using a web of trust to authenticate peers and OpenSSL to encrypt all communication.
“RetroShare builds an F2F network and provides services on top of it — forums, channels, messaging, chat, IRC,” Soler explained.
Though the platform has not yet been audited for security, it does use open source libraries for the crypto portion of its technology, as Zimmermann recommends.
Among RetroShare’s guarantees:
- “Authenticated/secure communication between friends represented by their PGP key,” Soler noted. “RS also makes use of the PGP signing mechanism to build a web of trust among users.”
- “Anonymity of file transfers to/from non-friends using a tunneling system,” he added.
- “Authenticity or anonymity — depending on the user’s choice and type of service — of messages, posts on internal forums and channels, and messages in IRC chat rooms,” he said.
‘Do Not Use Google, Yahoo or Gmail’
The content of communications between two peers is difficult to figure out for an external observer, since “the stream is encrypted and authenticated, making it impossible for a third-party observer to hack SSL certificates in the middle,” Soler explained.
“Our SSL implementation uses perfect forward secrecy to ensure that it is impossible to decrypt a captured communication if the SSL keys get broken in a post process,” he added.
The main limitation of F2F systems in general is that “a spying agency that has the ability to snoop on Internet routers will know the topology of the network and how much data transits between nodes, and therefore can perform traffic correlation to figure out who talks to whom,” Soler noted.
“Things could be improved if building an F2F network over an anonymization proxy such as Tor,” he added. “RetroShare does not allow this yet, but it might in the future.”
Also common to F2F networks is that users must “build” their network by recruiting trusted friends to connect with.
“That takes some effort, and certainly slows down adoption,” Soler pointed out.
In the meantime, he advised, users with sensitive information on their computers should take a number of conservative steps:
- “Encrypt all your emails” — using Enigmail on Thunderbird, for example;
- “Do not use Microsoft nor Apple products and systems,” he advised. “This sounds like I hate these systems — I don’t. It’s not their fault”;
- “Do not buy hardware that is manufactured in or that transits in the U.S.”; and
- “Do not use Google, Yahoo or Gmail,” he concluded. “If you do, only use a very specific passphrase for these systems/services that you don’t use elsewhere.
“This sounded like paranoid talk before June 2013,” Soler added. “It doesn’t anymore.”
‘You Are the Product’
Online privacy is “in a poor state,” agreed McCall Paxton, a security operations center analyst with Rook Security.
“A great example is the many free tools and apps available,” Paxton told LinuxInsider. “If you are not paying for the product, you are the product. Even free online privacy tools still collect, use and sell your data.”
To mitigate the problem, “one of the first things to do is install plugins to your browser and check the settings,” he suggested.
Disabling third-party cookies is one good idea, he noted. In addition, “the first plugin I recommend is HTTPS Everywhere followed closely by Ghostery.”
‘You Would Be Surprised’
Next, “go to your mobile phone and go through the privacy settings for every app you have,” Paxton said. “You would be surprised what information some apps send out.”
At the same time, however, “people should be aware that despite the steps they personally take, there will likely always be some service or company that they use that will still track, collect and sell your information,” he warned. “Mobile carriers are a good example of this.”
The last thing, and “probably the most important, is educate yourself and others,” Paxton concluded. “You may take all the right steps, but if someone else doesn’t take the same, you will both trip.”
Building the Future
Can current technologies really help users avoid tripping on the toes of the NSA or others?
Well, “conspicuously absent from Snowden’s list was anything I’ve worked on,” Zimmermann noted.
As for where things go from here, “the best way to predict is to create the future,” he said. “Decide what kind of future you want, and work your butt off trying to get there.”