back to article NSA, GCHQ and even Donald Trump are all after your data

As production and usage of data keeps growing globally, it’s worth remembering that the US government wants access to your information and will use warrants, decryption or hacking to get to it. That’s not news and the US government has many tools in its box. Many had already heard of the Uniting and Strengthening America by …

  1. Christopher Reeve's Horse

    "Our man advises"

    Correct me if I'm wrong, but you appeared to miss the bit where your man advises, and then you jumped straight to asking us for our ideas.

    1. Gray
      Holmes

      Re: "Our man advises"

      "you could follow the lead of the Russian intelligence service and use manual typewriters."

      About that typewriter: strip the ribbon and scissor it into bits, lest it be lifted from the bin and scanned. Prefer nylon cloth ribbons; and shun the carbon film ribbons. Inked cloth is very difficult to scan and ribbon reversals provide sufficient overstrikes to confuse the letter sequences; carbon film (IBM Selectric, etc) can easily be read by eyeball with a bit of patience.

      More secure is pen and paper, but never write upon a tablet. Always, always write upon a single sheet placed on a hard surface to avoid leaving an impression on the sheets beneath.

      Always write in longhand; with luck, nobody can decipher your handwriting.

      1. Anonymous Coward
        Anonymous Coward

        Re: "Our man advises"

        it’s worth remembering that the US government Obama wants access to your information and will use warrants, decryption or hacking to get to it.

        There, fixed it for ya!

      2. Mark 85

        Re: "Our man advises"

        Better than snipping... burn the ribbon.

      3. Anonymous Coward
        Anonymous Coward

        Re: "Our man advises"

        I always found writing in longhand in Welsh using Greek letters was pretty effective. Did this from Eastern Europe in the 1960s. Strangely, none of my postacards ever reached their intended recipients. But a lot of policemen probably wasted a lot of time. Which is what we should all aim for.

    2. ma1010
      Coat

      Re: "Our man advises"

      As an alternative to a manual typewriter, you could use a Memex (as Angleton in Charles Stross' excellent Laundry series does). Finding one for sale might be a bit tricky, but if you're REALLY dedicated, you could build your own.

      Mine's the one with the microfiche in the pocket.

  2. Anonymous Coward
    Anonymous Coward

    Our man advises

    have a clear data management policy, collecting only the data that you actually need and then for only as long as you need it, destroying the data you don’t need. Maybe you should then encrypt the data you do want

    What is this text for? It's just recycled no-news with the bleeding obvious end paragraph or two for an "advice" :(

    1. Frank Jennings - The Cloud Lawyer

      Re: Our man advises

      Haha, yes, it's no-news and bleeding obvious. And so is the statement that snooping by intelligence agencies is a fact of modern life. Guess you'll be heading to that Scottish croft then...

  3. Anonymous Coward
    Anonymous Coward

    Minimise your exposure

    so that the data gathered is kept to a minimum.

    So

    1) come off ALL forms of Social Media. This is an Advertisers wet dream of a never ending data source.

    What goes to Ad slurpers also goes to the spooks (naturally)

    2) Never use your real name when signing up for things.

    3) Use disposable email accounts when sigining up for things

    4) ALWAYS decline marketing communications

    5) Just be circumspect what you post anywhere. Don't let out details that can pinpoint where you live especially if you are discussing going on holiday.

    Keep Calm, Think before you post.

    1. Mark #255
      Coat

      Re: Minimise your exposure

      I was slightly impressed that this week I had a promoted tweet in my feed from <one of the acts on Later with Jools Holland>, presumably because I follow <one of the other acts on LwJH>.

      Oh bugger, I've just admitted I like music that ends up on Later...

    2. Charles 9

      Re: Minimise your exposure

      But what if you're BUYING something? By law, that requires real details to verify your transaction and/or get your delivery.

      1. Anonymous Coward
        Anonymous Coward

        Re: Minimise your exposure

        Yes that is true but if you are careful the Ad slingers (and thus the Gov TLA's) won't get a clear picture on you, your life, and everything.

        I use cash a lot more now that I did even three years ago. No CC/Debit card history. A lot less of your life is exposed to data collection/slurping.

        Even doing web browsing using Private modes helps stop your life from leaking out into the big bad world.

        1. Anonymous Coward
          Anonymous Coward

          Re: Minimise your exposure

          "Even doing web browsing using Private modes helps stop your life from leaking out into the big bad world."

          Guess you never heard of DE-anonymization, and it's becoming a lot easier to do, to the point that if they encounter an ephemeral identity, they can bank it away and just let the clues slip in until the whole shebang is connected (say the IP that doesn't change when you switch to Private Browsing Mode) and BANG! The game is up. Remember, the de-anonymizers have more resources than you AND at least as much motivation to unmask you as you do to stay masked.

  4. FuzzyWuzzys
    Facepalm

    Never do anything remotely useful or productive on the Internet, which pretty much covers 95% of the the human race, then the spooks can have a fun time wading through emails to Auntie Joan and the kids about their last holiday and snapshots of Sharon and John who got utterly pissed last week and took photos of themselves sitting on a park bench at midnight!

    The biggest problem is not what you put on the internet, most of us put nothing on the internet of much use to the spooks, the real problem is the government themselves. They have plans like putting your medical history online for Google, Yahoo or whomever to look after. The Gov put your driving license record history online, they make the schools put your kids school records online, this the stuff that needs proper control but sadly the Gov are putting stuff online, snooping on their own data ( combined with aforementioned snaps at Auntie Joan's wedding from Facebook ), putting it on USB keys and leaving it on the back of taxi cabs AND then they have the gall to tell us to be more careful without our personal data!!

    1. John G Imrie
      Happy

      Re: Sharon and John

      So that was her name, thanks.

    2. Buzzword

      On the contrary: do absolutely everything online, including stuff that you aren't really doing. For example email Auntie Joan (who doesn't really exist) about your holiday to Colombia (which never really happened).

      Then embiggen it: write a script which scrapes random texts off the internet, and sends them (via email/Facebook/Twitter/whatever) to random accounts which you have set up for this purpose. The spooks will be drowning in so much noise that they'll never be able to figure out which messages are real.

      1. Charles 9

        "Then embiggen it: write a script which scrapes random texts off the internet, and sends them (via email/Facebook/Twitter/whatever) to random accounts which you have set up for this purpose. The spooks will be drowning in so much noise that they'll never be able to figure out which messages are real."

        Or they learn how to sift out the chaff and figure out from other clues which messages are real and which are not (say, only pay attention to messages with common typos or ones that get germane replies). Don't underestimate the power of a State with a lot of resources and the motivation to de-anonymize you.

  5. Anonymous Coward
    Anonymous Coward

    I give up....

    .....<Surrender>....

  6. MrCurious

    For anonymity use TAILS or Whonix (both have slightly different goals).

    For security (make yourself a really hard/costly target) there is Qubes OS.

    Never give your real details to websites.

    1. Tom Paine

      Never give your real details to websites.

      I think I've just worked out why none of my christmas shopping arrived from Amazon.

    2. Law

      "Never give your real details to websites"

      Done!!

      Now... where's my road tax renewal... oh crap!

      Ah well... at least now I have time to apply for that new job... bugger!!

      This no real names on websites is hard!!

  7. Duncan Macdonald
    Mushroom

    Waste their time

    Send lots of heavily encrypted messages that when decrypted turn out to be bits of the Bible or Koran.

    A few non-encrypted message attachments that contain weapon or rocket details extracted from public US documents should ensure that the spooks try to decrypt the rest of the messages. Send the messages to an Iranian embassy for even more amusement.

    1. Tom Paine

      Re: Waste their time

      Why would you want to deliberately waste spooks' time? That's my tax pounds going up in smoke!

    2. Mephistro
      Thumb Up

      Re: Waste their time (@ Duncan Macdonald)

      Great idea!

      I'd only like to add two suggestions:

      - In the part about goading the ferals into decripting the other files, let those files contain mostly-random bytes only, and don't use an extension in the file name, as to force them to try all known -and unknown- encryption formats . A file named "Allah_Akbar_dd/mm/yyyy" where the date is a few days in the future would probably have your files being inspected by actual humans in less than a minute! And it'll keep them busy for weeks! :-D

      - And use the Tor network, for obvious reasons.

    3. Anonymous Coward
      Anonymous Coward

      Re: Waste their time

      Add 'Jihad ' to the header of every message. Generate messages automatically.

  8. Anonymous Coward
    Stop

    Even worse...

    "it’s worth remembering that the US government wants access to your information and will use warrants, decryption or hacking to get to it."

    Have we already forgotten about all the data which the US demands gets handed over from whoever is visiting the country or did you guys simply ignore so that it doesn't look too bad?

    If you want to visit the US from Europe and you apply for a visa then they even reserve the rights to look at your bank accounts and go through your whole financial administration. Guilty until proven innocent. And the EU is even more than willing to help them with it. Of course there was a little uproar when the EU considered asking the same from US citizens, that was obviously a blatant intrusion on their privacy.

    As to snooping: agreed. You'll even get on their radar if you do something as simple as maintaining a VPN between server home servers. Because that sure looks suspicious! (when IPsec/OpenSWAN was just out a group of friends and me decided to put it to the test and we connected our Linux boxes using a VPN to goof around. Even build our own root DNS server (yes, we're geeks) and a crude (controlled!) gateway. at one time one of our US friends/peers got a visit from 'certain people' to inquire about the increase in encrypted traffic from his home Internet connection, and this was all long before 9/11 mind you!).

    1. MachDiamond Silver badge

      Re: Even worse...

      If the US Secretary of State and presidential candidate isn't going to do something so tricky as encrypt her communications, you shouldn't either.

  9. Doctor Syntax Silver badge

    "Then along came Privacy Shield which, after a false start, addressed data protection concerns"

    This doesn't even begin to make sense. It's false through and through and doesn't in the least address data protection concerns. That's why I refer to it as a fig-leaf, not a shield. I'm quite sure it will be torn down by the ECJ.

  10. Doctor Syntax Silver badge

    'His Trumpness wants Apple to make its "damn computers and things" in America'

    I'm sure that if push came to shove Apple could decide to cease to be an American company. All it would have to do would be to go where its money-bags are currently lodged.

    1. Mark 85
      Devil

      Well... he should set an example then like have his Trump branded products made in the States....

      1. Anonymous Coward
        Anonymous Coward

        Trumpery

        On present form, using Chinese steel and aluminium.

  11. smudge
    Black Helicopters

    No hiding place

    Or you could live in a Scottish croft with no internet access...

    You'd probably have an intercept station as your neighbour.

    Anyway, use of advanced telecommunications - radio, internet, etc - has long been a vital part of life in remote areas of Scotland (and other lands). So good luck in finding that unconnected croft.

    1. Spanners Silver badge
      Big Brother

      Re: No hiding place

      long been a vital part of life in remote areas

      Although I come from Orkney, I live in what I regard as "the south", not far from Coventry in fact. I regularly come across people around here who say that they are too remote to get email! My old family home there has access to some seriously fast fibre.

      No the North Isles are not suitable for wannabe Robinson Crusoes.

      1. Charles 9

        Re: No hiding place

        Anyplace remote enough to have no connections, wired or not, would still be within view of a satellite or spy plane.

  12. Tom Paine

    What to do?

    To reduce the likelihood of being snooped by intelligence you could follow the lead of the Russian intelligence service and use manual typewriters. Or... [etc]

    In the wise words of Mr Townsend, "why should I care?"

    Srsly, the more effort you put into trying to protect your privacy, the more you will stand out as probably having something to hide. If, as seems a reasonable assumption, you DON'T have anything to hide, you're just wasting valuable intel analyst's time whilst they check whether you're a terrorist or criminal Mr Big, or just someone with better skills with technology than threat assessment.

    Note: this is NOT an argument about whether or not the TLAs actually need the ability to dip into your mail, or ; I'm talking about you and me, now, on the assumption that we're just going about our normal business.

    1. Anonymous Coward
      Anonymous Coward

      there was a "Mock The Week" a couple of weeks ago with "Unlikely Things to read in the Small Ads". One of the panel said "Wanted: the Internet, as I seem to be the only person in the whole world using the small ads".

      maybe that will change .....

    2. Spanners Silver badge
      Black Helicopters

      @Tom Paine

      Perhaps everyone who knows that they "have nothing to hide" should start using encryption?

    3. Anonymous Coward
      Anonymous Coward

      The argument for keeping your own personal life private is that you never know who may gain control of the levers of power in the future.

      It is a responsibility of any democratically elected government to tie their own hands by not enabling something which could be easily abused later.

      1. Charles 9

        Problem is, human ingenuity ensures ANYTHING can be abused, meaning there's no escape.

        1. Anonymous Coward
          Anonymous Coward

          "[...] human ingenuity ensures ANYTHING can be abused, [...]"

          Agreed - but you don't have to make it easy for them on day one. If they have to start initiating the surveillance when they get power then they don't have any prior accumulated data. People then also have a chance to try to avoid the new surveillance.

          1. Charles 9

            "Agreed - but you don't have to make it easy for them on day one. If they have to start initiating the surveillance when they get power then they don't have any prior accumulated data. People then also have a chance to try to avoid the new surveillance."

            Problem is they're patient. Whether it's on day one or day one million, they can get to you eventually. Since they can play the long game (or cheat), you have to wonder if it's really worth it in the end.

    4. MachDiamond Silver badge

      Tom Paine, protecting your security starts simply with not posting you personal information online. Ween yourself from using a debit/credit card as much as you can (carrying a wee bit of cash is a great way to keep on your budget).

  13. PaulAb

    M I 6 pence worth

    I's Is sure my my frien Ira would'nt need t' worry Nor Aid anyone who tried to get it. C I Always think that these organisations are really very freindly and M I 5 children have nothing to worry about, it's all for our own good. N-Suring Anonimity of the general public I'm sure is their top priority, anyway must go I have some daesh's to wash up, shame as it's very Sunni here.

    ......Just waiting for the knock

    1. Mephistro
      Coffee/keyboard

      Re: M I 6 pence worth

      KNOCK! KNOCK!

      1. Anonymous Coward
        Anonymous Coward

        Re: M I 6 pence worth

        Jihad enough yet?

  14. Mephistro
    Joke

    The NSA must be practically living in the "Wargame" player's forums nowadays!

  15. PPowell

    Is the world being run by idiots, or are the USA allied countries purposely trying to help the Islamic State take over? Like how the USA armed and trained Islamic extremists in Afghanistan to get one over on Russia. There are pictures of the Islamic State driving around Syria in new Toyota trucks the USA claims were sent to groups wanting to overthrow Assad.There are Christians in Syria under Assad who still speak Aramaic, the language Jesus spoke. The USA want us to support them arming the Islamic State against Assad. They want us to think the NHS eye doctor Assad who had no ambitions of leadership, hence why he spent years training in medicine before his father put him in the job and his British born wife who worked for a bank, are worthy of more support to be overthrown than Saudi Arabia, where women don't have full rights as humans. USA couldn't care what the most backward and repressive country Saudi Arabia do. Maybe they want it to be like Libya where since we helped murder Gaddafi, Islamic extremists are going over the border to Tunisia to shoot tourists.

  16. ritey

    Lie about absolutely everything. All my data is junk.

    1. Charles 9

      How do you get stuff delivered to you if you lie about your credit card info OR your delivery address? And don't say you buy exclusively brick-and-mortar because more and more things can ONLY be shipped these days.

    2. DCLXV

      Aye, my mater's maiden name is /dev/urandom

  17. Anonymous Coward
    Anonymous Coward

    STASI (plus business snoopers)

    Looks like every communications company in the world - in addition to the NSA, GCHQ and all the other governmental bad actors - has deployed snooping technology:

    - https://theintercept.com/2016/10/23/endace-mass-surveillance-gchq-governments/

    Note also that the evidence goes back to around 2011. I wonder how much more of our legitimate privacy has been invaded since then? It's also interesting that Theresa May, while Home Secretary, suggested that the UK should abandon the European Convention on Human Rights, and get out of the clutches of the European Court of Human Rights. Now we know why.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like