The Electronic Frontier Foundation has launched a new website called “Surveillence Self Defense,” designed to offer advice about the capabilities of US law enforcement and government surveillence capabilities, and the things people can do to defend themselves. While this is a US-centric site, it offers good information. Read it well.
One of the areas they discuss that I do have issues with is data encryption. Now, on my little netbook – the computer I carry about in my bag – I have the entire hard disk encrypted. The only reason for this is to prevent some thieving scumbag from reading my email should he get his slimy mits on it. It’s not to prevent law enforcement from reading it, because if I refuse the give up the passwords, they’ll just throw me in prison.
So, as a general rule, unless you are carrying your personal data around with you, I would say forget about encryption.
A much better strategy is to emulate the supermarket loyalty card campaign that ran a few years ago. It worked by people applying for loyalty cards and using them. Cards were swapped from time to time randomly between the participants, poisoning the database.
This is the better strategy. Instead of trying to hide what you are doing, get it out in the open. But surround it with useless junk that the surveillence spooks have to process. Flood them by making phone calls and sending emails with bogus content, building websites and blogs, notifications of spoof demonstrations, FOI requests, bogus intelligence and any other thing you can think of which causes them to have to inspect the data using a human being rather than a computer.
Aim for total information overload, rather than total information awareness.
While this is a great strategy in general, there is, of course, a line to be drawn. That line is the threshold of my own home and its contents.
So when I hear of powers such as the UK police have had newly introduced – for example the ability to legally (not lawfully) hack into your computer without your consent or knowledge, that’s a step too far. Why should these idiots have access to my bank account information, passwords and the rest? Are they going to protect the data they gather, or are they just going to end up with another database they can leave on a train? As far as I am concerned, if they want access to my computers, they need due cause and a search warrant, no matter what the Home Office says.
So on this specific issue, I would recommend getting yourself a decent firewall (if you’ll excuse the advertisement). There are no guarantees, of course, but the better the firewall the harder it is for them to access your stuff remotely without your knowledge. The firewall on a standard adsl modem just doesn’t cut it – more often than not, it’s not even switched on.
This post is tagged databases, surveillence
Good post and a very valid point made.
For every measure they introduce to keep tabs on us and control us, we can corrupt it with in the law. Find a weak link. Issue an Access Request under the Data Protection Act to a particular company what works CCTV for the footage of you, making careful note of the exact location and time. Once you get a response, spread the word! Get as many people as possible to do it, there is always a cost involved to them.
When the signs of weakness appear, some people are waiting weeks and months for footage, some are ignored. Then the initial successfully attempts can be used as evidence to say ‘hey I got mine in 2 weeks, Data protection Act says I am entitled to it, why now cant the next person get theirs’. Then the cracks get bigger and bigger.
Can you imagine if thousands of people did this? It would soon make the costs of running the CCTV system sky rocket. I’d start with the congestion charge zone. I dont drive so it doesn’t affect me, but thats not the point. We are all in this together for a better society and way of life and freedom. Bombard them for the footage, even if it’s at the times the charge isn’t applicable, because they are STILL recording.
The Police are more than happy to send FOI requests to TFL for oyster card usage, Hundreds of thousands of requests. We should boycot them aswell. Its not cheaper if you use them , thats Orwellian talk, its MORE EXPENSIVE if you dont. You are untraceable with paper tickets, credit cards, loyality cards etc. Anything involving a card…BIN IT!
Until the technology is in the hands of people we can trust and it is regulated properly and your permission is requested for it’s use, we should dump all their silly schemes.
Biometric passports can be read using software on a home PC/MAC if you know what you are doing of course. How is this safer? Microchipped people. This can be hacked as well and the information transferred to a blank chip and inbedded in someone else!
This is not adding more security, it is actually taking it away. The human race is so cunning and clever that we find ways to clone, copy and defraud anything. Crazy!
These are my thoughts for today. Thanks for reading.
Viva La Revolution!
MM
Mike, thats an ingenius idea! Apparently the best way to outrun a crocodile is to run in a zig zag motion to as to confuse the hungry croc. I think there is alot to be learnt from that.
You maybe surprised to know your compromised every time you use the phone, computer, drive, walk in public and most mistakenly beleive you are in the privacy of your home. With the law making tv now digital, they have entered your domain by the tv signal manipulating your neural network. To make matters even worse, law enforcement now has the technology in hand to view into your home from outside and locate your position as well as let them see what you are doing.
You don’t have to beleive me. But think about it and ponder what they, who make the laws and tell you deceptive explanations for the reasons behind what they are doing. Do you really want to take there word for it or be informed by others who know whats happening.
The device to look into your home was revealed to me by a law enforcement officer who was given training for three days on the use of this device. His words when explaining the use of this device was “unbelievable”, it sees and shows everything.
And I think you should learn how to spell.
Never begin a sentence with ‘And’ especially when being critical of others grammar
Now I know why Jesus wept……
There are ways to get Boogle’s web spiders to generate traffic for you while poisoning their database.
Lead paint or space blankets, they will block out the infrared scanning.
I love a good pub/bar with so much lead paint on the walls that you cant get a phone signal. Especially when the other half is after you. If your partner cant track you down the bloody Government will have a tough time!
To drift back to my first post and elaborate on Gnostic of the Gnosis comments, it doesn’t surprise me that this device is being kept secret. Why is this so? Well, public outrage counts for nothing these days and anything we say is ignored. The papers and TV would fill a slot or two to make some money, but in the end the thing they fear the most is what I highlighted above. Some clever sod would find away to block it, copy it, or find so many faults in the thing they would have to stop using it or have to spend even more time and money advancing it.
Like I said about the CCTV, if you can get a device to record the images from a network, then the same would be said for any new ‘device’ to see in the home. It probably works along the lines of the mobile phones being used as radar in the Dark Knight movie. Remember, they always use the media and TV and movies to prepare us for new things. Look at the original Star Trek, bar beaming me up Scottie, we have surpassed most of that technology already.
It probably also uses home computers and laptops with built in webcams. It should be common knowledge that ‘hackers’ can activate these remotely. Imagine what a Government with all our tax money to waste could be up to?
Sinister stuff.
But always remember one thing, WE are the MAJORITY, for every little secret gadget they use someone will expose it and duplicate it, they are good at losing laptops and confidential information remember. Even though they are ruled by an Elite they are still the brainless idiots who have to carry out the orders and boy do they screw up…ALOT.
Nice to see Mandelson got his just deserts today. It’s proven that something can actually stick to him! I dont condone physical action, but damn it was funny to watch.
Thats todays thoughts out of the way.
Revolution!
MM
Encrypt your language, e.g.
“Hi, just to let you know I’m on my way round to sort out the business we talked about the other day. The man with the funny looking cat says it’s fine, but to remember the two sheep”
No computer will crack that because first of all it has missing information that only the two people know, and secondly it uses higher level human intelligence, e.g. conceptual leaps, associations, cultural things and so on. Computers are pretty stupid, I mean even the best AI cannot hold an intelligent conversation.
Never use keywords by the way, and invent your own code. Assume any off-the-shelf encryption has a backdoor and by using it you are just telling them you have something to hide.
Baron
A cunning plan indeed.
I look forward to the bonsai fantango imbroglio at foxtrot delta seven, accompanied by the timpani swahili expeditionary marching band.
…ah, it’s Baron, from the David Icke Froum
The Chair is against the wall! John has a long moustache!
I wonder how many of you realise that some software you have on your computersm actually phones home annonymously to the servers of the company that created the software. I know that Adobe software does it to check that one is using a licenced copy of the program. So does Corel. They have a program called Paint Shop Pro that phones base every time you use the program. Best thing to do is unplug your router or wait until you’ve started the program you want to use then disable the service that phones home. If you disable the service before you start the program you will run into problems.
Use a firewall like Zone Alarm. It asks you which programs you would like to use the Internet. A package like DTP software should not need to run without an Internet connection, for example if you are using it on a laptop. Zone Alarm just makes the program think the Internet connection is down, and so it does not bother the software too much.
Another very useful program is Spybot. Use it in advanced mode and go to the tools section, and there you will find all the rubbish hiding on your computer. This includes things like programs that start up automatically, ActiveX objects, browser helper objects, and a load more stuff that you were probably not aware of. I just used it the other day when I installed Real Player, which decided it wanted to use Windows Messenger. The program located the exe file that was responsible and it has now been deleted. I often find I can quadruple the speed of friend’s computers by doing this sort of thing. The last one I looked at had 78 processes running before the user had started using it! I could probably cut that down to about 20.
Zonealarm is ok, although I probably trust it less now that its owned by Checkpoint.
The main issue I have with software firewalls on Windows is that they are only as good as Microsoft allows them to be. So, as happened to Zonealarm last year, a Windows update can break them, leaving you vulnerable until someone comes out with a fix. Not so good …
Hi Mike,
You’ve got it wrong; encrypt all your data and REFUSE to handover the passwords – they can’t sling us all into jail – the prisons are all already full!
What’s more Judges will get totally fed up with having their time wasted by such cases as they did with the Inland Revenue when they got heavy in the early nineties.
John R of ERS (we met just before the Stock Conference began)
“Zonealarm is ok, although I probably trust it less now that it’s owned by Checkpoint.”
Yes I have found it useful, but it’s just one line of defence. If it tells you that so and so program is trying to access the Internet then that is helpful because after a time you build up an intuitive understanding of what is going on. Some viruses have managed to bypass it, but a lot of data being sent from your computer without your knowledge seems to be done in a way that is not too sophisticated, and can easily be stopped.
You get to know which companies you can trust and which you can’t, and it’s quite amazing how untrustworthy a lot of them are. Microsoft seems to be one of the better ones since they got a lot of heat a while back, and they have learnt that it is better to be honest and work with people rather than against them. Someone will always spot what they are doing, and so the negative publicity is probably more damaging than the benefit of that information. They have opt-in schemes which help in the development of software to tell them what parts of the program people use most often and that sort of thing. I’m ok with that when it is above board. Personally I worry more about Google. They are bang at it and seem to have an agenda. Microsoft just want to build software, whereas Google seems to be more of a marketing company with no product to sell, except your data.
While I agree with you 100% about Google, I don’t think you have MS 100% right. They’re still up to their tricks with regard to their treatment of OEMs, still breaking the law with regard to Internet Explorer, still are much too close to the NSA, their security model still sucks generally, and Vista shows they’re still pushing product not fit for purpose. AND, their biggest crime ;o) – after promising not to take lawsuits against companies using Linux in their products for allegedly breaching software patents, they’re doing it anyway.
So yes, they’re possibly not as openly agenda driven as Google, they’re still dirty players I think.
MS hold quite a lot of patents, but don’t go chasing after people who step on them. You see, out there is a community of programmers and they turned against Microsoft and they felt that. Now they are trying really hard to be ‘nice’! It is a massive company and all too easy for them to make short-term gains out of being fascists, but the Internet is like a police force, and people will soon get the word around. As for their ‘crimes’, it seems that it is the EU that is pursuing them vigorously, and you have to ask why the EU would be so concerned about them.
OK I agree the software can be shoddy when it comes out, but what can I say. That Windows program is a monster program, and is probably one of the most sophisticated things made by man. I tend to take my hat off to people who can pull something like that off, because it is not easy. You only discover how ‘not easy’ it is when you decide you will try and build something ‘better’. For the last few years I have been building my own graphics interface to replace the Windows system. Yes I have my very own windows and text boxes, lists and all the other controls one uses, and you just never tend to appreciate how much work there is to even the most basic bits of something.
I have to say that Microsoft does actually help considerably with putting something back into the computing community. The NSA business is not their choice either. These agencies of the government are so powerful that all major companies have to comply, since the state is the largest monopoly there is. I think the worst thing I could say about them is that they built the new operating system with the primary purpose of protecting the film industry’s digital rights rather than to design the system in the conventional way, where performance is priority number one. Someone must have twisted their arm severely in order for them to do that.
Victory at last!!!!
Straw has just cancelled a massive Internet spying programme.
Resistance is not futile.
Do you really believe he’s cancelled it ? I don’t.
More ‘horlicks’ from Strawman.
not cancelled,just postponed until no-one is watching…………
So no one likes MS. Use Linux, it just makes life easier .
Ubuntu is great,but I cannot run my printer , scanner or games on it,thats the only downside
What kind of printer and scanner are we talking about?
Games? You have time for games? If you want some stuff to do, I can make sure you won’t miss the games … ;o)
My advice to anyone wishing to use encryption as protection of their privacy and freedom is this: Get open-source encryption such as Truecrypt. It’s free and the open-source community can check the code that was used to write it. This ensures a good level of defence against a “backdoor” in the software.
Truecrypt allows you to create a “hidden volume” within the “outer volume.” The are both encrypted with different keys; the hidden volume is scrambled in the free space of the outer volume. The outer volume is pre-prepared with convincing files that are of no private worth to you.
It is impossible to prove the existence of the hidden volume without knowing the key. The police cannot imprison you for refusing to reveal it unless you admit it exists. You simply give them the key to the outer volume and let them waste their time sifting through useless data!
zerox,
That’s the one. Truecrypt. Hidden volume. Plausible denial strategy. Unbreakable.
If we really were asked as a race to accept to be chipped. what we really do.??
Everything in a chip inside you. Your life. Financial life, criminal life, medical life…….
RFID has been known and covered for years.
But is this really safe.?? Safe from who?? and what.??
I think it’s easier for them..
for them to control.
For them to isolate if every they need to..
the RFID chip is basicily a chip that will be placed in your arm….it will carry a bar code which is made up of 3 sets of six digiets…666….this bar code will carry all your lifes info…and when its fully in place all your financial dealings will be done through this chip….and if you dont conform to what they…(the banksters)….ask then they turn your chip off…you will not be able to buy food……..trade….or travel….all thanks to a chip made by IBM…..the same people who used the first computers to help process the jews for the nazi,s………….nothin changes…..it just gets more sinister
Maybe I’m not up to speed with you guys but on the subject of embedded dial-ups, especially in OEM software, another culprit is Canon. When I’m online and go to print an https page (you often can’t save a secure page as you know), my Canon printer tries to dial-up.
Google Earth along with Realplayer are rated as highly invasive particularly if you are running them on Vista. Google Earth tries to dial-up the moment I boot up, which is annoying if nothing else. So does Skype. The answer is don’t have your modem driver or Internet dial-up in your start-up list.
I use McAfee which alerts me to any unsolicited dial-up by throwing up a window that identifies the exe program attempting to do so and asks for permission. If you don’t consent, it blocks it. McAfee also provides a pretty decent firewall and unlike many, such as Norton, AVG and Trend Micro seems more efficient in that it gets on with the job without producing noticeable drag. I’ve tried them all over the years and McAfee’s the best so far with a straightforward control panel plus other useful tools such as permanent delete.
Zerox, thanks for the tip on Truecrypt.
Encrypt it, There is no problem with encryption.
If you want to hide data from the government through encryption you have the right to do that. There is no law that says you cannot encrypt your data and there is no law saying you must “remember” what that password was.
They cant lock you up and throw away the key because you forgot the password to your encrypted drive.
If the government is after you in the first place, they are not there to work with you, they are trying to find evidence to lock you up for a long time. Why help them with that?
Truecrypt is great.
Unfortunately, Companies like Symantec have been ordered to leave Backdoors in their SW for the Security services.
The mackerel needs frying.
All this firewalling stuff is useless against government intrusion as they have back door access through Windows operating systems. Best thing to do is switch to Linux which is open source and can be verifiably shown to be not riddled with proprietary spyware from the get-go like anything from Microsoft is. Linux is not only far more secure, it’s also free!