Today, February 11, is The Day We Fight Back Against Mass Surveillance. I’ll leave it to you to visit the link and contact your elected officials (Congressman Gibson will likely be receptive). Many people and organizations are behind this first drive to pass the USA Freedom Act and implement other reforms to reign in NSA spying.
What I’d like to do in this post is give you a brief outline of how to do a better job of protecting your privacy online.
First, a word of warning: there is currently no foolproof way to guarantee your privacy, online or anywhere else. But a lot of talented people are working to change that, and I think we can look forward to better privacy safeguards down the road. I hope we can, anyway.
It makes a difference which operating system you use. Windows is far and away the most vulnerable, but both Microsoft and Apple have likely cooperated with the NSA despite their official denials. I’d trust OS X over Windows, but the open source Linux is safer than either.
I’m sure most of you aren’t going to switch to Linux to gain increased privacy online—there are a fair number of technical hurdles involved for ordinary users. That being the case, you need to pay attention to the software you use.
Open source software is safer than proprietary software. This is true for the simple reason that anyone can view the code. Therefore, you should use open source apps whenever possible.
Internet Browsing Software
Firefox is the only major open source browser. It is safer than Microsoft’s Internet Explorer, Google’s Chrome or Apple’s Safari. It is safer still if you use the HTTPS Everywhere extension, which encrypts connections to many sites. Still, even with Firefox, your browsing isn’t truly safe.
For genuinely safe browsing, use the Tor Browser Bundle. Tor software hides your location and prevents anyone from seeing your web travels or logging your web searches. The browser itself is based on an enhanced version of Firefox. The Tor Browser Bundle is easy to install, easy to use and available for all platforms. Even today, it should protect your browsing from the NSA.
Currently, email—like chat or any social network—is pretty much a lost cause. It’s not safe, period. If you want to have minimal protection, then use the open source Thunderbird (from Mozilla, like Firefox) in conjunction with GnuPG encryption (Thunderbird has a plugin to enable this). But real security is down the road a ways, in the form of projects like Dark Mail.
Like Dropbox? So do I—but it and every other cloud storage provider has been targeted by the NSA. A safer alternative may be BitTorrent Sync, currently in beta. Because this service doesn’t store your files on a company-controlled server (or any server, for that matter), your data should theoretically be safer.
Bear in mind, though, that the NSA has succeeded in shipping computers from name-brand manufacturers with secret radio transmitters inside. These machines are compromised even if they never connect to the Internet. And if the NSA should decide to target you through a back door built into Windows or OS X to install a keylogger on your machine, there’s absolutely nothing that can help you. That’s how bad the situation currently is, and why we need serious reforms.