Tuesday, June 18, 2013

Becoming a Digital Ghost

In a recent online Q&A, Edward Snowden has this to say:

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

So what does he mean?  Many people who are less than tech savvy may not understand what he is talking about.  As someone who works as a software developer, I can answer this, to a degree.  Basically, you can use services that encrypt your data as it travels across the Internet.  Dropbox, for example, stores all the files you place there in an encrypted section of the Internet.  What this means is that accessing the data directly only leads to a garbled mess.

What he is saying is that if you use a good service that encrypts, which is a fancy term for mixing up your data in a manner that requires some kind of key to unlock it, you can usually beat the NSA or any other government service when they intercept it in transit.  Such an operation is not hard, as any Internet Service Provider, such as Comcast, is more than happy to comply with government demands.  However, Snowden does leave one final caution: endpoint security.

In a nutshell, endpoint security is where you actually access the data.  When you log in to your e-mail account, for example, your password is endpoint security.  Remember when there was a Firefox plugin released that could hack another machine on a public wireless network and store the login credentials you would use?  Well, that’s the kind of thing that Snowden is talking about.

Getting around this is not too hard, although it is still no guarantee.  First of all, make sure your passwords are secure with combinations of letters, numbers, and some other character.  I’ve found Keypass to be useful in storing passwords and logins if you can’t remember them all.  Secondly, never access private data on public networks.  Lastly, check over what OpenID services, such as Facebook or Twitter, allow external application access and disable or remove any you don’t recognize periodically.

As for the Internet itself, get Firefox with Ghostery, HTTPS Everywhere, and Adblock Plus.  If you want to get a little extreme, use NoScript and Self-Destructing Cookie.  And if you’re feeling really edgy, try loading the Tor network on your machine.

I caution, however, that once you start ghosting yourself on the Internet, you are more likely to be tagged by the Feds as a suspicious person.  Still, it may be worth doing if it means a little privacy.