"Our man advises"
Correct me if I'm wrong, but you appeared to miss the bit where your man advises, and then you jumped straight to asking us for our ideas.
As production and usage of data keeps growing globally, it’s worth remembering that the US government wants access to your information and will use warrants, decryption or hacking to get to it. That’s not news and the US government has many tools in its box. Many had already heard of the Uniting and Strengthening America by …
"you could follow the lead of the Russian intelligence service and use manual typewriters."
About that typewriter: strip the ribbon and scissor it into bits, lest it be lifted from the bin and scanned. Prefer nylon cloth ribbons; and shun the carbon film ribbons. Inked cloth is very difficult to scan and ribbon reversals provide sufficient overstrikes to confuse the letter sequences; carbon film (IBM Selectric, etc) can easily be read by eyeball with a bit of patience.
More secure is pen and paper, but never write upon a tablet. Always, always write upon a single sheet placed on a hard surface to avoid leaving an impression on the sheets beneath.
Always write in longhand; with luck, nobody can decipher your handwriting.
I always found writing in longhand in Welsh using Greek letters was pretty effective. Did this from Eastern Europe in the 1960s. Strangely, none of my postacards ever reached their intended recipients. But a lot of policemen probably wasted a lot of time. Which is what we should all aim for.
As an alternative to a manual typewriter, you could use a Memex (as Angleton in Charles Stross' excellent Laundry series does). Finding one for sale might be a bit tricky, but if you're REALLY dedicated, you could build your own.
Mine's the one with the microfiche in the pocket.
have a clear data management policy, collecting only the data that you actually need and then for only as long as you need it, destroying the data you don’t need. Maybe you should then encrypt the data you do want
What is this text for? It's just recycled no-news with the bleeding obvious end paragraph or two for an "advice" :(
so that the data gathered is kept to a minimum.
1) come off ALL forms of Social Media. This is an Advertisers wet dream of a never ending data source.
What goes to Ad slurpers also goes to the spooks (naturally)
2) Never use your real name when signing up for things.
3) Use disposable email accounts when sigining up for things
4) ALWAYS decline marketing communications
5) Just be circumspect what you post anywhere. Don't let out details that can pinpoint where you live especially if you are discussing going on holiday.
Keep Calm, Think before you post.
Yes that is true but if you are careful the Ad slingers (and thus the Gov TLA's) won't get a clear picture on you, your life, and everything.
I use cash a lot more now that I did even three years ago. No CC/Debit card history. A lot less of your life is exposed to data collection/slurping.
Even doing web browsing using Private modes helps stop your life from leaking out into the big bad world.
"Even doing web browsing using Private modes helps stop your life from leaking out into the big bad world."
Guess you never heard of DE-anonymization, and it's becoming a lot easier to do, to the point that if they encounter an ephemeral identity, they can bank it away and just let the clues slip in until the whole shebang is connected (say the IP that doesn't change when you switch to Private Browsing Mode) and BANG! The game is up. Remember, the de-anonymizers have more resources than you AND at least as much motivation to unmask you as you do to stay masked.
Never do anything remotely useful or productive on the Internet, which pretty much covers 95% of the the human race, then the spooks can have a fun time wading through emails to Auntie Joan and the kids about their last holiday and snapshots of Sharon and John who got utterly pissed last week and took photos of themselves sitting on a park bench at midnight!
The biggest problem is not what you put on the internet, most of us put nothing on the internet of much use to the spooks, the real problem is the government themselves. They have plans like putting your medical history online for Google, Yahoo or whomever to look after. The Gov put your driving license record history online, they make the schools put your kids school records online, this the stuff that needs proper control but sadly the Gov are putting stuff online, snooping on their own data ( combined with aforementioned snaps at Auntie Joan's wedding from Facebook ), putting it on USB keys and leaving it on the back of taxi cabs AND then they have the gall to tell us to be more careful without our personal data!!
On the contrary: do absolutely everything online, including stuff that you aren't really doing. For example email Auntie Joan (who doesn't really exist) about your holiday to Colombia (which never really happened).
Then embiggen it: write a script which scrapes random texts off the internet, and sends them (via email/Facebook/Twitter/whatever) to random accounts which you have set up for this purpose. The spooks will be drowning in so much noise that they'll never be able to figure out which messages are real.
"Then embiggen it: write a script which scrapes random texts off the internet, and sends them (via email/Facebook/Twitter/whatever) to random accounts which you have set up for this purpose. The spooks will be drowning in so much noise that they'll never be able to figure out which messages are real."
Or they learn how to sift out the chaff and figure out from other clues which messages are real and which are not (say, only pay attention to messages with common typos or ones that get germane replies). Don't underestimate the power of a State with a lot of resources and the motivation to de-anonymize you.
Send lots of heavily encrypted messages that when decrypted turn out to be bits of the Bible or Koran.
A few non-encrypted message attachments that contain weapon or rocket details extracted from public US documents should ensure that the spooks try to decrypt the rest of the messages. Send the messages to an Iranian embassy for even more amusement.
I'd only like to add two suggestions:
- In the part about goading the ferals into decripting the other files, let those files contain mostly-random bytes only, and don't use an extension in the file name, as to force them to try all known -and unknown- encryption formats . A file named "Allah_Akbar_dd/mm/yyyy" where the date is a few days in the future would probably have your files being inspected by actual humans in less than a minute! And it'll keep them busy for weeks! :-D
- And use the Tor network, for obvious reasons.
"it’s worth remembering that the US government wants access to your information and will use warrants, decryption or hacking to get to it."
Have we already forgotten about all the data which the US demands gets handed over from whoever is visiting the country or did you guys simply ignore so that it doesn't look too bad?
If you want to visit the US from Europe and you apply for a visa then they even reserve the rights to look at your bank accounts and go through your whole financial administration. Guilty until proven innocent. And the EU is even more than willing to help them with it. Of course there was a little uproar when the EU considered asking the same from US citizens, that was obviously a blatant intrusion on their privacy.
As to snooping: agreed. You'll even get on their radar if you do something as simple as maintaining a VPN between server home servers. Because that sure looks suspicious! (when IPsec/OpenSWAN was just out a group of friends and me decided to put it to the test and we connected our Linux boxes using a VPN to goof around. Even build our own root DNS server (yes, we're geeks) and a crude (controlled!) gateway. at one time one of our US friends/peers got a visit from 'certain people' to inquire about the increase in encrypted traffic from his home Internet connection, and this was all long before 9/11 mind you!).
"Then along came Privacy Shield which, after a false start, addressed data protection concerns"
This doesn't even begin to make sense. It's false through and through and doesn't in the least address data protection concerns. That's why I refer to it as a fig-leaf, not a shield. I'm quite sure it will be torn down by the ECJ.
Or you could live in a Scottish croft with no internet access...
You'd probably have an intercept station as your neighbour.
Anyway, use of advanced telecommunications - radio, internet, etc - has long been a vital part of life in remote areas of Scotland (and other lands). So good luck in finding that unconnected croft.
long been a vital part of life in remote areas
Although I come from Orkney, I live in what I regard as "the south", not far from Coventry in fact. I regularly come across people around here who say that they are too remote to get email! My old family home there has access to some seriously fast fibre.
No the North Isles are not suitable for wannabe Robinson Crusoes.
What to do?
To reduce the likelihood of being snooped by intelligence you could follow the lead of the Russian intelligence service and use manual typewriters. Or... [etc]
In the wise words of Mr Townsend, "why should I care?"
Srsly, the more effort you put into trying to protect your privacy, the more you will stand out as probably having something to hide. If, as seems a reasonable assumption, you DON'T have anything to hide, you're just wasting valuable intel analyst's time whilst they check whether you're a terrorist or criminal Mr Big, or just someone with better skills with technology than threat assessment.
Note: this is NOT an argument about whether or not the TLAs actually need the ability to dip into your mail, or ; I'm talking about you and me, now, on the assumption that we're just going about our normal business.
"[...] human ingenuity ensures ANYTHING can be abused, [...]"
Agreed - but you don't have to make it easy for them on day one. If they have to start initiating the surveillance when they get power then they don't have any prior accumulated data. People then also have a chance to try to avoid the new surveillance.
"Agreed - but you don't have to make it easy for them on day one. If they have to start initiating the surveillance when they get power then they don't have any prior accumulated data. People then also have a chance to try to avoid the new surveillance."
Problem is they're patient. Whether it's on day one or day one million, they can get to you eventually. Since they can play the long game (or cheat), you have to wonder if it's really worth it in the end.
I's Is sure my my frien Ira would'nt need t' worry Nor Aid anyone who tried to get it. C I Always think that these organisations are really very freindly and M I 5 children have nothing to worry about, it's all for our own good. N-Suring Anonimity of the general public I'm sure is their top priority, anyway must go I have some daesh's to wash up, shame as it's very Sunni here.
......Just waiting for the knock
Is the world being run by idiots, or are the USA allied countries purposely trying to help the Islamic State take over? Like how the USA armed and trained Islamic extremists in Afghanistan to get one over on Russia. There are pictures of the Islamic State driving around Syria in new Toyota trucks the USA claims were sent to groups wanting to overthrow Assad.There are Christians in Syria under Assad who still speak Aramaic, the language Jesus spoke. The USA want us to support them arming the Islamic State against Assad. They want us to think the NHS eye doctor Assad who had no ambitions of leadership, hence why he spent years training in medicine before his father put him in the job and his British born wife who worked for a bank, are worthy of more support to be overthrown than Saudi Arabia, where women don't have full rights as humans. USA couldn't care what the most backward and repressive country Saudi Arabia do. Maybe they want it to be like Libya where since we helped murder Gaddafi, Islamic extremists are going over the border to Tunisia to shoot tourists.
Looks like every communications company in the world - in addition to the NSA, GCHQ and all the other governmental bad actors - has deployed snooping technology:
Note also that the evidence goes back to around 2011. I wonder how much more of our legitimate privacy has been invaded since then? It's also interesting that Theresa May, while Home Secretary, suggested that the UK should abandon the European Convention on Human Rights, and get out of the clutches of the European Court of Human Rights. Now we know why.
Biting the hand that feeds IT © 1998–2019