16 January 2015

Vexing the Snoops

There are a ton of interesting things in the recent congressional report on the NSA's rampant spying on the communications of the American public.  Now, like most normal folks, I don't have much of anything to hide, unless you count my obsession with cute cat photos or the time that I was really drunk and somehow thought that it would be a good idea to order workout-boosting supplements online from a sketchy "all-natural" vendor.  It took me two hours on the phone to cancel that junk...

But, I do believe that I have a basic right to privacy, and that exercising such a right at my discretion does not in any way form a legal justification that I have something to hide.  I have the right to have a private conversation with my friends without even having to wonder if some employee of the federal government will be reading that conversation at a later time.

To that end, I dug through the congressional report with the goal of finding out which privacy and anonymity technologies frustrate the NSA.  The short (and unpleasant) answer: there is no single security technology available to typical consumers today that, alone, reliably protects against privacy intrusion.

There is hope, however.  Several technologies are mentioned in the report as being reasonably effective if deployed properly.  Furthermore, there are some basic strategies to ensure that your personal ramblings aren't the laughing-stock of the NSA water cooler.

Do Not:

  • Have any expectation of privacy when using major online services, like Google, Facebook, AIM, etc.  Just because you see that little padlock in your web browser doesn't mean your communications are safe.  In fact, the congressional report suggests that TLS alone, even with the latest protocols, is pretty much a joke, because the NSA has gained access to the data at the servers themselves.
  • Attempt to secure all communication.  If your communication at work or school, or between yourself and your doctor, is already covered by FOIA, FERPA, or HIPAA, then there's not much point in going security-crazy, as all of those already have legal access mechanisms built in.
  • Conduct any illegitimate commerce or business using ultra-secure communication mechanisms.  Uncle Sam gets really angry when he doesn't get his tax dollars, and that's likely to make you a priority target.  Oh, and don't be a terrorist- that'll do it too.  Once your sketchy commerce has been cracked open, which it almost inevitably will be, viz. Silk Road, your really embarrassing personal details are likely to follow suit.  In court.
  • Reveal extensive personal details about your life, identity, occupation, family, etc. to unknown persons, no matter how tempting it might be.

Do:

  • Take intelligent, informed steps to protect your personal, private communication from prying eyes (more details on this to follow).
  • Feel free and unfettered to discuss whatever you want to discuss, even highly taboo or controversial subjects, provided that you take basic precautions.  The free and open exchange of ideas is the cornerstone of a free and open society, and fear of who might be listening should never hinder you in this regard.
  • Develop a close and trusted network of confidantes, with whom you trade secrets for secrets, dialog for dialog, idea for idea.

Now, the hot question of the day- how can one truly secure online communications in 2015?  Guess what- it is possible, but it's neither convenient nor fool-proof.  Convenience and security are mutually exclusive, and each time you augment one, you diminish the other.  That's the way it works- get over it.  To secure your online communications, the trick is simple: use layers.  In fact, layer like you're stepping out of a tent into an Antarctic Winter to go p*ss beside a frozen waterfall.

Examples of some good things to layer:
  • OTR (Off-the-Record) messaging: OTR can sit on top of virtually any other instant messaging protocol, including XMPP (Facebook, Google Talk, et al.), AIM, MSN, Yahoo!, and many more.  When used properly, it provides two-way trust relationships with your buddy, session encryption of messages, and perfect forward secrecy (which is really important in the age of supercomputers).
  • Tor (The Onion Router network): Tor is an anonymizing "hidden network" within the public Internet that, again, when used properly, allows two parties to communicate with reasonable security.  It's often abused to access public websites which store all sorts of unique data on you in other ways, but when your communication stays within the Tor network it's a reasonably effective tool, when layered with other mechanisms.
  • PGP (Pretty Good Privacy): it's a decades-old encryption technique utilizing public-key cryptography that the recent report surprisingly suggests can still stymie snoops in some scenarios.  Like your house keys, however, you have to keep your PGP private keys secure, or all bets are off!
  • FDE (full-disk encryption) and/or FBE (file-based encryption): once an attacker has physical access to your computing devices, like your laptop, desktop, or mobile phone, all bets are off unless you're using comprehensive encryption.  Think that Windows or OS X login password alone protects you?  Think again- I can get past those in less than three minutes in most cases, and that's just as a casual effort.  If it's that easy for me, imagine how quickly an NSA snoop or a malicious hacker could do it, unless you pair a strong password with strong encryption... and even that's not a complete guarantee (hence the layering).

Using any two of those together is probably sufficient for most private communication- preferably combining a forward secrecy technology like OTR or Tor with a physical access protection like FileVault 2, BitLocker, or eCryptfs.  If you want an extra layer of security, as a buffer, pick three.  Here are some examples, ranging from easiest to most difficult (note that all of these require your friends to have similar capability):

Easy: Turn on BitLocker or FileVault 2, with strong passwords, and use OTR for your IM conversations with friends.  Make sure they have disk encryption enabled as well!
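
To confirm the disk-encryption half of the "Easy" setup, on your own machine and your friends', the check below parses the status text that the encryption tools print. It is an added example, not part of the original post: the function names are hypothetical, the sample outputs are constructed, and it assumes the output wording of `manage-bde -status`, `fdesetup status` and `/proc/mounts` shown in those samples.

```python
import re

# Constructed sample outputs (not captured from a real machine). Assumption:
# the wording matches `manage-bde -status`, `fdesetup status`, /proc/mounts.
BITLOCKER_SUSPENDED = """\
Volume C: [Windows]
[OS Volume]
    Conversion Status:    Fully Encrypted
    Percentage Encrypted: 100.0%
    Protection Status:    Protection Off
"""
BITLOCKER_ON = BITLOCKER_SUSPENDED.replace("Protection Off", "Protection On")
FILEVAULT_ON = "FileVault is On.\n"
PROC_MOUNTS = (
    "/dev/sda2 / ext4 rw,relatime 0 0\n"
    "/home/.ecryptfs/alice/.Private /home/alice ecryptfs rw,nosuid 0 0\n"
)

def bitlocker_protected(report, volume="C:"):
    """True only if `volume` is fully encrypted AND protection is on."""
    for section in re.split(r"(?m)^Volume (?=[A-Z]:)", report)[1:]:
        if section.startswith(volume):
            fields = {k.strip(): v.strip() for k, v in re.findall(
                r"(?m)^[ \t]+([A-Za-z ]+):[ \t]+(.+)$", section)}
            # A suspended volume still reads "Fully Encrypted", but its key
            # is stored in the clear on disk, so both fields must be checked.
            return (fields.get("Conversion Status") == "Fully Encrypted"
                    and fields.get("Protection Status") == "Protection On")
    return False  # volume not listed: treat as unprotected

def filevault_protected(report):
    """True if FileVault is on and no conversion is still running."""
    lines = [ln.strip() for ln in report.splitlines() if ln.strip()]
    return bool(lines) and lines[0] == "FileVault is On." and not any(
        "in progress" in ln for ln in lines[1:])

def ecryptfs_mount_points(proc_mounts):
    """Return the mount points whose filesystem type is ecryptfs."""
    mounts = (line.split() for line in proc_mounts.splitlines())
    return [m[1] for m in mounts if len(m) >= 3 and m[2] == "ecryptfs"]

if __name__ == "__main__":
    print("BitLocker (suspended):", bitlocker_protected(BITLOCKER_SUSPENDED))
    print("BitLocker (on):", bitlocker_protected(BITLOCKER_ON))
    print("FileVault:", filevault_protected(FILEVAULT_ON))
    print("eCryptfs mounts:", ecryptfs_mount_points(PROC_MOUNTS))
```

On a real machine, pass in the text of the matching command's output (or the contents of `/proc/mounts`) instead of the samples.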

Moderate: Using Tor and Privoxy, create a free online e-mail account (make sure to set it up through Tor and only access it that way as well), and encrypt all the messages you send and receive with trustworthy PGP software, encrypting your private keys with strong passwords.

Difficult: Turn on FDE or FBE, set up your own XMPP micro-server with federation over Tor, and communicate with your friends' micro-servers via Onion hidden services, using OTR on your IM client(s).

So, to summarize, there's no such thing as guaranteed privacy.  Having said that, avoiding "high-risk activities," and using some of the privacy tricks mentioned above, can help ensure that your private communications stay... well... private!
