May 222020
 

Maybe you don’t care whether or not your movements on the Internet are being watched because you’re “not doing anything wrong”. If so, I won’t pick a quarrel with you. After all, why should you draw your curtains at night? Haven’t they seen a naked man/woman before?

Or maybe you will agree that the idea of being watched while sitting on the toilet is disagreeable, but if that is what it takes to put a few drug dealers behind bars, it’s an idea you can live with, even though you realise that if there’s one thing drug barons can do better than just about anybody else except other big-time criminals, it’s to protect their privacy. After all, they can buy all the expertise they need.

So, no, I won’t argue with you. You will hear more than you can bear about privacy in months to come. Covid has unleashed an army of young talented developers who are now all clicking away at their keyboards to satisfy governments’ and industry’s vast demand for ways and means to monitor our actions and influence our attitudes. If that’s fine with you, I repeat, I won’t argue… except to remind you of one thing:

There are investigative journalists out there, sticking their necks out to dig up the dirt we need to know about so that we don’t go off and elect the likes of Trump and Bolsonaro again and again and again. There are tens of thousands of human rights activists and their lawyers and honest judges who risk being stuffed into jails without trials or killed for defending their co-citizens. These people’s privacy must be protected at all cost! How can we help? By defending our own privacy so that their defended privacy doesn’t stick out like a row of sore thumbs.

I’m so very far from being an expert in this field that I would urge you to leave this page at once to go and read somebody else’s advice. But I haven’t found any comprehensive self-help guidance to direct you to. The Privacy Rights Clearing House, for instance, provides very sound insight at the general level, but the bottom line there, as I understand it, is that we should all stay away from the Internet in any way, shape, or form.

True, you can find valuable practical snippets on sites like this one from Kaspersky, but bear in mind that here Kaspersky is also trying to sell us its own products.

So I will do my best to indicate how we can protect our privacy from various kinds of intrusion. Of course, if you run a business, you should probably invest in professional services not only to protect your data but also to minimise your vulnerability to malware.

Your device’s location gets shared

The good news is that your device’s GPS is not telling anybody where you are.

The bad news is that the apps that have access to your GPS might do just that. And commercial use is made of the information.

So you should disable location access for the apps on your phone, and you should disable location storage in your Google or Apple account. PCMag outlines how to do so.

You should consider whether you absolutely need to use Facebook, and if you really do, you ‘d better hone your privacy settings there. Kaspersky tells you how.

Websites you visit share more information about you

You prevent this if you use a VPN service.

Doing so not only hides your IP address; it encrypts the re-routing of your internet traffic. So whatever information the websites or ISPs have stored will be illegible to them.

There are many free VPN services, and even more websites that compare them. Take a look.

“Free” always comes at a cost:

  • You don’t want “speed throttling”.
  • You want a large data allowance.
  • You want to cover all the devices you use.
  • For normal privacy protection, you don’t need access to many countries.

So as not to excceed my data allowance, I try to remember to turn off VPN when video streaming (legally).

Another advantage of VPN is that it also protects you against hackers when you are away from home. But if you yourself are engaged in serious criminal activity, the web service can hand over your identity to law-enforcement.

Many repressive regimes consider political opposition “terrorism” and some unnamed countries penalise whistle blowing. If you are from or living in such a country you might opt for a VPN service in a country that is not likely to pander to, for instance, the Saudi or Israeli governments.

You do not need to use a VPN to block cookies and adverts. There are other ways of doing that. Some browsers do so and there are plugins or “extensions”, such as Ghostery.

Your browser

If you use VPN, your browser isn’t a big issue. But if you turn off VPN …

I would not use Chrome or Safari, and Opera has been sold to a Chinese group.

On Android devices I currently recommend Brave. For computers, consult e.g. Wired or Digital Trends. If you use Firefox, you should at least learn how to fine-tune the browser’s security and privacy settings.

Messaging

WhatsApp is owned by Facebook and its main source of income is based on users’ contact lists. I put to you that Facebook’s track record is less than respectable. Signal is widely recommended. and is pretty impressive in terms of privacy.

Contacts, calendarsand email are our weekest point!

If you, like me, let Google or Apple manage your contacts and calendar, not to mention your email, you really have a problem. We have a problem. Or rather, our contacts have a problem. A lot of other apps on our phones will have access to the contacts, not least Facebook. Yes, Google and Apple enccrypt our email, but not end-to-end.

Oh dear, oh dear.

There is no way I am going to take my contacts and calendar back to a paper notebook. The blessing of having all my devices synchronised cannot be exaggerated. But what if I regularly meet with political refugees from, say, Saudi Arabia or with Russian political activists opposed to Putin… Yes, what then? If the Saudi or Russian authorities are seriously tracking them, my writing in my calendar that I’ll be having lunch with them at so and so time/place and their phone numbers in my contact list may endanger them.

How do I know what Google hands over to state prosecutors who may or may not be hounding people from minority groups and other disadvantaged areas?

What I need is an email service (and local client) that provides end-to-end encryption and that also stores and synchronises a contact list and a calendar.

I googled “privacy alternative to gmail and contacts” (without the quotes). You’d be surprised by the number of hits. Three of the top five, including two from VPN service providers (and they should know) all coincided pretty well in their conclusions. (NordVPN, RestorePrivacy and PureVPN).

As far as I can judge, only one of the email clients they recommend also provides a contact list and calendar: Tutanota. Now, I don’t much like the name, but I do like the look of it. The hitch is, of course, that all email sent from this email service gets encrypted. So you won’t want to use it to ask your dentist for an appointment. But you could use it to communicate with Saudi refugees and with good friends, not to mention if one of them is a married colleague with whom you are having an affair. You would, in other words, leave your dentist’s number on your visible contact list and move your shrink to your private list, using only Signal to communicate with him/her.

So this is as far as I get without using PGP, which many email clients do allow, but which is a little too cumbersome for most of us – and it still leaves us with an unprotected contact list and calender.

The last word has not yet been written, never will be. But for the moment, if you really make an effort, you can still communicate pretty safely online.

Apr 292020
 

This is to remind you of the Amnesty International petition in defence of freedom of expression. I quote AI:

Julian Assange’s publication of disclosed documents as part of his work with Wikileaks should not be punishable as this activity mirrors conduct that investigative journalists undertake regularly in their professional capacity. Prosecuting Julian Assange on these charges could have a chilling effect on the right to freedom of expression, leading journalists to self-censor from fear of prosecution.

People from all countries are urged to sign here.

Oct 192019
 

When Edward Snowden crashed into the media in 2013, the impact created more than a hiccup in the state of affairs. Do you remember what you were doing at the time? I do, and I can still feel the chill of horror that descended on the room where my colleagues and I ate our daily lunch packs. Disbelief quickly subsided as we realised that the evidence behind his story was overwhelming and that the implications were infinite. Mulling over them together, we chewed our sandwiches in near-silence, interrupted only by the occasional question that inevitably could be parsed as: “So now what?”

Given the initial impact, you might have thought that the Snowden revelations would be paradigmatic, that the world would turn slightly on its hinges and readjust its course through the ethers. After all, we don’t want to live in a global dystopia – remember Brave New World – do we?

Thinking back, there have been several moments in my lifetime which might have jolted our world enough to change its course. The Vietnam war, for instance, outraged a whole generation and brought it out onto the streets in protest. But then again, that was only in the West. Elsewhere, they had other problems. In Iran, faith in Democracy had already died, with the CIA-engineered coup against Mosaddegh. In South America, they were just starting to hope a better world was possible, when a series of CIA-engineered coups brought down one would-be democracy after another. What I’m saying is: We should long since have lost our innocence.

Yet, we go on doing what we were doing, out of habit, perhaps, or because: what else can we do? We continue watching the evening news, continue repeating the same fictions to our children. In Brave New World, people are inherently incapable of calling the authorities to account. I take the liberty of quoting Neil Postman (Amusing Ourselves to Death):

What Orwell feared were those who would ban books. What Huxley feared was that there would be no reason to ban a book, for there would be no one who wanted to read one. Orwell feared those who would deprive us of information. Huxley feared those who would give us so much that we would be reduced to passivity and egotism. Orwell feared that the truth would be concealed from us. Huxley feared the truth would be drowned in a sea of irrelevance. Orwell feared we would become a captive culture. Huxley feared we would become a trivial culture, preoccupied with some equivalent of the feelies, the orgy porgy, and the centrifugal bumblepuppy.

So after a bit of agitated humming – “look out, the NSA is watching you” – we all got back to business as usual, enmeshed as we all were – even back in 2013 – in the Google and/or Apple and/or Microsoft and/or Facebook universes. After all, how on earth could we extricate ourselves?

Personally, I have managed to stay clear of Apple, Microsoft and Facebook by using a Linux OS. But in the end, I am literally begging to be monitored by using Android, hence also Google contacts. I mean, the alternative would cost me hours of note-taking on slips of paper.

Ashamed, I bury my head in the sand and think “what the heck, I’ll be dead sooner or later, anyway”.

Edward Snowden’s book Permanent Record landed on my desk a few days ago. Let me tell you, It got my head out of the sand double quick. Even the preface jolts you.

He writes well, very well, in fact, and his line of thought is compelling, so that I follow him attentively even into descriptions of childhood minutiae. His prose is eloquent and clean, unlike that of Whitehouse spokesmen (witness the Whitehouse rendering of the run-in between Trump and Pelosi). And he has taught me a new word: conflation. It’s an important term because it refers to one of the tools used to manipulate “facts”.

This particular story is about spies and surveillance. One of the story’s main questions is: What are they for? Are they for keeping terrorists at bay or are they for consolidating the supremacy of overdogs? If you read Permanent Record, you will see it’s not just about the USA. And if you read the news (from decent outlets), you will see that what most of us consider “rule of law” is applied in only a minority of countries (source: World Justice Project)

I put to you that every one of us, even those of us who live in countries with a high rule-of-law-score, would benefit from reading Edward Snowden’s book.

Jun 162019
 

Let me admit at once that my news source is not normally The Intercept. I prefer a rather more chatty paper, one that is not too angry, one that helps me feel that I am a member of society, not a besieged and defenceless island.

The problem is that most such papers need sponsors and sponsors tend to have money, and those who have money are usually not all that keen on promoting equitable distribution of wealth (with, say, progressive taxes, and free health care and university education), not to put too fine a point on it.

We hear about “the wealthy” in all sorts of contexts, not least in statements about “the top ten percent” versus the remaining 90 percent. We know statistically who they vote for, how much they spend on lobbying activities and what media outlets they own. We also know that many rich people are “very nice”, love their children and spend vast sums on charity. But there is no doubt about it: disparities in almost all our countries are growing. They are growing sharply.

Nevertheless, we continue reading papers owned by members of “the top ten percent” and we hope all the bad things will just sort of disappear, just as we avoid reminders of the fact that we, yes, you and I, will die some day, maybe even someday soon, that climate change will deprive our grandchildren, maybe even our children, of most of the good things in life. It hurts to think about it, so we don’t; we don’t think.

Thus, our pusillanimity helps us make unsound choices, choices that will harm us and our children.

Sometimes the unsound choices we make can be downright dangerous. One such choice was made by the majority of the voting electorate in Brazil, when they raised the fascist-minded Jair Bolsonaro to the presidential throne. Now Brazil is already sometimes referred to as a “fascistoid” state. That spells d-a-n-g-e-r for a lot of innocent people.

Before he was elected, Bolsonaro was not the favourite candidate of the “wealthy”, but he was the only candidate on the right who had sufficient charisma to attract voters. So the press supported him and denigrated the left, as usual.

Now Brazil is a country of extreme inequality – and the overwhelmingly numerous poor would probably have voted for Lula da Silva if Lula hadn’t happened to be in jail. Why was Lula in jail?

Well, that is really the magician’s trick, you see. This is where The Intercept comes in.

The Intercept — the Political Earthquake in Brazil

I’m not here to tell you The Intercept’s story. You should read it yourself.

What I do want to point out, however, is that somebody provided The Intercept with the evidence. I would not like to be that somebody. Whoever it is, is a hero, but if the Brazilian or US authorities ever get their hands on him or her, … I say no more.

And as for my country, your country, the UK, Equador, and Sweden and all the countries that are kowtowing to the US in the Julian Assange case and who refused to grant asylum to Edward Snowden, they are accessories before and after the fact to the crimes Assange and Snowden exposed.

Whatever the identity of the hero who provided The Intercept with the evidence, you and I had better be prepared to demand that not a hair be touched on his or her head, and that no legal or other steps be taken against The Intercept.

Dec 112018
 

President Macron has just addressed the French people for the first time since 1 December. After weeks of violent protests, his address was anxiously awaited, not least after last Saturday when, according to Le Monde, some 136 thousand protesters of all ages and backgrounds took to the streets of France.

What did you expect from the President? What did I or the yellow-vested protesters?

Ah, but the man is no fool! Rather than scold the demonstrators, he made a sweeping apology on behalf of the establishment for having forgotten the suffering of so many of his countrymen, giving moving accounts of the uphill struggle of untold men and women straining to reconcile work, parenthood (or old age and/or illness) and low income. His examples were numerous and vivid enough to sound sincere. He promised there would be change, plenty of change, starting with a 100 EUR hike of minimum wages from 1 January.

President Macron must have read his Piketti! Have you, Mrs Clinton? I am pretty sure Mrs Merkel has, conservative though she may be. As for the right-wing, so-called populist leaders of Eastern European countries slipping into autocracy, they have evidently only grasped what serves them best, the fact that a majority of voters are disaffected, disappointed and feel disadvantaged.

The question is, will the French president be able to deliver on his promises? Can any president deliver on such promises? I very much doubt it. For instance, how on earth can one sole president put an end to global so-called “tax avoidance” and the use of ugly, if not illegal, tax shields. The way things are, no president can satisfy any electorate in the long run.

Companies need investors. Investors want to be remunerated. After all, investing in a company is not as safe as putting your money in the bank. The company therefore needs to pay sufficiently high dividends to be able to dissuade people from putting their savings in the bank. To do so, the company has to cut more corners than the bank, i.e. pay less tax. If that involves hiring experts, offshore entities, fictitious companies, nominee directors and dodgy accounting firms, all of which will take a cut in the avoided tax, so be it. The outcome is less money to the state, and survival of the company.

Since we all want employment for as many of our citizens as possible, we dare not normally rock the boat. There is just one problem: As a result of tax avoidance, the state has insufficient means to care for its constituents. And large swathes of many populations are growing very disillusioned, even angry. Very angry.

Now in Europe, we tend to disagree with people in the US about the value of “state” and human constituents. Whereas in the US, where disadvantaged human beings and their offspring (excepting younger than 12-week-old embryos) tend to be disparaged, Europeans have invested heavily in the so-called “welfare society”. The term basically embodies the concept that all and sundry should have the right to education according to proclivity, healthcare according to need, and sustenance according to circumstance.

In other words, in Europe, states need income. The problem is, however, that a lot of money is being tucked away. Putting taxable money away is expensive, so only those who are very rich can afford to use the available “loopholes” to do so. One such loophole involved defrauding several European states of a total of 55 billion (yes, billion) euros. Here it is explained by Deutsche Welle. This was the largest tax evasion scam  ever to have been uncovered in Europe. One reason why theft of so much of our (the taxpayers’) money has attracted only limited attention is that some very prestigious banks were among the culprits (e.g. Santander and Deutsche Bank).

You and I, the French yellow vests, the long-suffering Spanish unemployed, the ill-advised Bolsonaro voters in Brazil, the innumerable abused women of Latin America and Somalia, the underpaid teachers and health workers of the world, we are all being outmanoeuvred by companies that manage to avoid paying their fair share of taxes, (such as Google, Facebook, Apple, and Amazon) and by financial acrobats. It was the financial acrobats who brought down the global house of cards in 2008, trading in futures and shorts and whatnot, and they will do so again, because, basically, nothing has changed, because, basically, those who control the rules of the game DON’T WANT THINGS TO CHANGE, because, basically, they are inevitably the ones to win. This is not just a matter for France or the US. This is a global trend and it applies, I suspect, even to Russia, China and Iran.

In the December issue of Le Monde Diplomatique, Secretary General of Amnesty International Kumi Naidoo stresses that human rights are not just a matter of legal rights and freedom of speech. Economic and social rights are equally important. Kumi Naidoo apologises on behalf of the organisation for having so long delayed in understanding that one of the most important reasons why we need the one is to defend the other. I was very glad to see that apology!

What can the French president do? If he raises taxes on big business, he will be out of work tomorrow. He cannot possibly do anything about tax avoidance, because then companies will simply leave the country. There are plenty of other countries. It’s all interlocked, as Kumi Naidoo pointed out in his article celebrating the 70th anniversary of the Universal Declaration of Human Rights, today, 10 December.

Although the German authorities managed to uncover much of the cum ex scam, it was only thanks to painstaking efforts laid down by a network of reporters from various news outlets, that the extent of the scam came to light. They also uncovered that it is STILL GOING ON. Read about it. I promise you, this is hot stuff.

My point is that in this case the press actually served the purpose it can and should serve, as a corrective: It exposed what we were not supposed to see.

However, in many countries, most media are owned by the powers that be. Hence they are not free. Hence people will make ill-informed electoral choices and will accept slashes to their legal rights and freedom of speech. Discovering, too late, that they are the ones to go on paying the austerity bill, they will be put in jail for voicing their discontent.

You can just imagine what conflagrations we will see when the climate bill has to be paid. We have just seen a small hint of that scenario in France.

Jun 282017
 

You may have heard – and then again, you may not have – that Saudi Arabia, the UAE, Bahrain and Egypt have issued an ultimatum against Qatar, the 13 so-called “demands” the country must meet within ten days, “or else”.

If Qatar meets the demands, it will have ceased to be a state: It will merely be a vassal of Saudi Arabia, since what is demanded is in reality that the country surrenders its sovereignty.

It all started with an economic and diplomatic blockade launched in the wake of the US emperor’s visit to Saudi Arabia, and since the Saudis evidently feel confident about US support, goodness knows where it will end. For that very same reason – i.e. US support – nobody even mentions this issue around here. In Europe you don’t talk back to the US! Not in this country, not in any European country, least of all in the UK.

Now I was brought up with the BBC. I feel warmth and gratitude to the BBC. I know the names of many of their foreign correspondents. I download BBC podcasts and listen to them. But let us not delude ourselves: BBC is a British broadcasting company, and Britain is very cosy with the USA. As for the USA, well, need I remind you …? No, I won’t remind you, because that would require not a website but many tomes of modern history. However, take a look at Reporters without borders. If you click the map you will see that the USA ranks no higher than 43 out of 180 states as far as freedom of the press is concerned.

My country is also uncomfortably cosy with the USA, if not quite as cosy as the UK, but certainly cosy enough for its national broadcasting company to refrain from ever quoting Al Jazeera. Yet, I suspect that all good foreign correspondents – be they from my country or from the BBC – consult Al Jazeera more than almost any other outlet, at least about Middle East issues. Why? Because Al Jazeera is good, very good! And they are not bound by the US Patriot Act.

One of the 13 “demands” is that Qatar close down Al Jazeera. Now I don’t know whether you watch Al Jazeera, but what I do know is that whether you do or don’t, the news outlet will have considerable impact on what is revealed to you about world affairs. If it were not for Al Jazeera, the US and the UK could tell their side of the story, and nobody would know the difference.

I wish to quote another Guardian article of today (also quoted, by the way, by Al Jazeera):  Asked whether the closure of al-Jazeera was a reasonable demand, the UAE envoy said:

We do not claim to have press freedom. We do not promote the idea of press freedom. What we talk about is responsibility in speech.

I ask you, could any quote be clearer?

Dec 212016
 

This post is indented as a sequel to the previous one, which I believe should apply to everyone. I repeat: If we all look after our digital privacy, as we look after our health, say, we shall be protecting the social scientists and journalists who are sticking their neck out to tell us what we need to know.

This post, however, will be for those who are actually at risk, i.e. the social scientists, journalists and non-violent political activists who provoke the political powers that be.

***

To send a file to somebody else, when you want to be sure that only the intended recipient can read it, you could of course simply password protect it, but passwords can easily be cracked. Besides you would have to send the password, and the message in which you send it could be intercepted.

An alternative is to use 7zip  – which is available to  all major operating systems. With 7zip you can encrypt the file. You would do this if you want to transfer a large file, or several files, via your cloud service. You would still have to convey the password though.

The most commonly used way to protect the privacy of email is with PGP (Pretty Good Privacy). The program PGP itself is not free, but there is a free alternative, based on the so-called OpenPGP standard.

Now if you use an email client that provides PGP support — and yours may very well do so, although you do not know it — you should study its documentation. If not, you should consider changing your email client. 

Wikipedia has an article comparing email clients. Search on the page for PGP and you will find a table that might be useful to you. If you normally only use Webmail, you might consider starting to use a dedicated email program (“email client”).

PGP’s alternative to the issue of passwords is a set of “keys”: One “private key” which only the sender possesses, and one “public key”, which can be published openly on the net yes, on the net! The sender AND the recipient must know each other’s public keys, and this is where your software comes in.

Your software should  be able to generate both keys and store them. It imports and stores also the public keys of people with whom you want to communicate, and keeps track of what messages are to be sent to or received by whom. Finally it should check incoming keys, and encrypt and decrypt as needed.

The hitch is obviously that the recipient must also be using PGP encryption. But PGP has grown pretty universal, cross-platform and is inherent in many application. However, as with all software, new versions tend to be incomprehensible to older ones. (Compatibility issues can often be solved by altering settings.)

Most of us are not yet used to using PGP for email, though, so though it can easily be handled by our email programs, it may take a while before we all catch on.

At any rate, do not be discouraged, because once you have your keys properly stored and have understood how to use them, encrypting your stuff (with the proper software) is not difficult at all!

Dec 182016
 

To me, the word “encryption” sounded sinister until very recently, when I realised I’d have to take the consequences of what we are seeing these days. And guess what: digital protection – even encryption – isn’t difficult at all. There are programs that do it all for us. I believe that what I am proposing in this and the following post need not even make a dent in anybody’s wallet.

In view of the medieval state of race relations in the US, and bearing in mind Mr Trump’s penchant for decisive action, I think we should not place too much trust in the rule of law in the US, for instance. It’s a good idea to be prepared.

In general, in a world that is increasingly being governed by individuals who label political opponents as “criminals” or even “terrorists”, we should think of the consequences of such labels, not necessarily for ourselves – at least not yet – but for reasons that I will return to a few paragraphs further down.

Many of our rulers are willing to resort to what we in the west recently (i.e. pre-Snowden) considered “the unthinkable”, to stay in power and, in many cases, to improve their financial leverage.

There is also a rising number of people who are learning the tricks of cybercrime. For all you know, your next-door neighbour might be one of them, in which case he or she may be particularly interested in your WIFI network.

Most of us are not terrorists or criminals, although we might be leftist or Moslem or environmentalist or black or even Mexican. We might, however, be deeply dissatisfied with our rulers, and we might even be organised, say in an activist civil rights group. Organised opposition has always been regarded as a threat, or at least a nuisance, by the powers that be, and is now becoming increasingly risky. In many countries, of course, it has always been deadly dangerous. What’s new is that the number and potency of tools to penetrate people’s private (digital) worlds have grown exponentially over the past years.

What’s new, too, is that year by year, in all countries, law enforcement and secret services are being given wider powers to use these tools. This is quite understandable because, after all, there is a real threat of terrorism, and there is a real and growing threat of serious cybercrime.

Meanwhile, political improvement is contingent on our all understanding as much as possible of what goes on. Some journalists, social scientists and whistle blowers are putting their necks out to protect us by uncovering the crooked acts of cynical rulers and magnates. By doing so, they risk their lives in many countries, and in others, including mine, they risk finding themselves without a job.

We need them. We desperately need them! Only by knowing what is actually going on, by being able to dismiss false rumours, libel and “post-truth” propaganda (see Oxford Dictionaries’ Word of the Year), do we have any chance of improving the world we live in. They – the journalists and social scientists – hopefully know how to protect themselves, but by doing so, they will inevitably seem suspicious: “Why is NN encrypting his stuff? Why is that woman using a VPN server? Are they terrorists?”

Since they are trying to protect us, the least we can do is to try to protect them, in essence by protecting ourselves.

If only to protect our bank account information, password lists, copies of passport and driving licence, intimate letters and pictures etc., we should start thinking about digital personal protection. When we started using email, in my case in the late eighties, it seemed very difficult. We had to put a lot of effort into it. These days, it’s all so easy that kids are social media experts before they can add and subtract. Did we think this was the way it would always be? If so, our thinking was flawed: Sic transit gloria mundi.

Sooner or later, the alternative to using only pen-and-paper may well be to encrypt everything; computers, phone calls, email, social networking – the lot!

Meanwhile, there are a few very basic steps we should take, apart from everything we hear every day (e.g. being wary of links in emails and on websites). The measures cost us a few extra seconds, but then again – let us not forget how very, very much more time-consuming everything was, just ten years ago.

  • Text messaging encryption. Thanks to Edward Snowden, Signal has become quite a hit. It’s so seamless that once you’ve installed it, you won’t notice you are no longer using your phone’s stock SMS app, except that it’s faster and doesn’t hang.
  • Wifi router protection
    Wifi routers must be new enough to yield so-called WPA2 protection (at least).
  • “Anti-virus” software
    You should not rely entirely on Defender, if you are using Windows. There are several excellent and powerful anti-virus protection schemes that are free.
  • VPN (Virtual Private Network)
    If privacy protection is an issue for you — and to my mind it should be, if only for the reasons given above  conceal your IP address.  This is probably one of the most important steps to take if you are a fact-hunting dissident. Many services provide access to VPN servers in various countries, and competition is fierce. Most of the best services are no entirely free, though, or rather, those that are tend to plague you with adds or restrict your bandwidth. On the bright side, most of them now require no technical know-how, just that you press a button. There are numerous lists of “best VPN” services, free and non-free.
  •  
  • Storage on external drives
    Store as little as possible on computers, tablets and smartphones. (Plug in your external drive and move private stuff to it, then remove the external drive at once.) If you don’t use cloud storage, this should do (assuming your computer doesn’t have digital parasites lodged in its entrails, your external hard drive is securely stored and never leaves the house, and the house never burns down).

Cloud storage

Most people use cloud services these days, if only to transfer files. Besides, people are often more or less unwittingly constantly connected to their operating systems’ “Store”, storage spaces, sharing services, etc.and to social services.

  • TLS/SSL protocol
    Respectable cloud storage services use a TLS/SSL protocol for data transfer (HTTPS://). That isn’t much, but better than nothing.
  • Encryption
    Some services encrypt your stuff already before it leaves your computer. They say that you risk nothing and that they have “zero-knowledge” (about you and your stuff). This sort of service is used by companies. But why not do your own encryption before uploading anything to your cloud. with good software, it’s a cinch! So:

     

    • What is good software? Since good encryption depends not on your software, but on the algorithm used by the software, the software you want will depend on whether it is easy to use, can relate to your operating system and serves your needs in other respects. Leading encryption programs all use basically the same algorithms, the best known of which is AES (developed some 20 years ago).
    • Veracrypt is one such (free) cross-platform program (i.e. for Mac, Windows, Linux, but not for mobile systems). I am mentioning it not least as it is the program used in the following link which I am including to demonstrate how very easy it is to encrypt whatever files you want to keep out of any private or public eye: encouraging demonstration

Phones and tablets

Being an open system, Android is more vulnerable to malware attacks than are IOS devices. Over the past two years or so Android has been rocked by some pretty serious security issues, e.g. “Stagefright”. So serious were they, in fact, that phones that come with Marshmellow (or newer) installed are supposedly encrypted by default (!) Yes, you read correctly, by default. In other words, Android is not taking any chance, nor should you, so encrypt!

  • Encryption
    Older phones, with Android versions from Gingerbread up, can optionally be encrypted. Details about how to do this may vary depending on your phone and version, but  this guide gives an idea.
    IOS phones have been encrypted by default for a while. Older phones can also easily be encrypted.

Flash drives

Some people will want to encrypt their entire computer. If so, they will probably have used their operating system’s tools for doing this. (BitLocker on Windows, and FileVault on MACs). Encrypting flash drives is, if anything, all the more important since they tend to get lost or forgotten.

  • The same tools as for computers
    BitLocker (Windows), FleVault (Mac)and, again, Veracrypt, can encrypt flash drives (USB sticks).
    Here is one of many guides.

In my next post I shall touch upon sharing (most importantly by email) with PGP.

 

 

Nov 052016
 

You do have your password ready, don’t you?

Do you have more than one email account? Each requires a password, of course. So do your websites, blogs, Facebook and Twitter accounts… And your bank account – that goes without saying – each of your bank accounts.

Take comfort, it’s just a matter of time before banks will give up providing online services: too risky. Too many accounts are being hacked, and banks can’t endlessly afford to cover their clients’ losses.

And where is your internet service provider? At a café? You’re in luck then, because you won’t have to remember the very intricate password of a private router. Only, you may be out of luck, because there are a lot of accomplished hackers waiting and watching over open networks, ready to send you a key logger with which to capture the password to your bank accounts. You won’t even notice, most probably, but from then on, your PC will be remote controlled.

True, your cloud service looks after you and sends you reassuring messages: Not to worry, everything you write on your screen will be carefully stored. If you throw a temper tantrum and hurl your device at someone, or if a hacker ruins it, don’t worry, be happy, nothing is lost.

You log in with a password at work, I suppose, and if you make purchases on the Internet, each of them has to be confirmed with a password, two in fact – one to the company from which you are making the purchase, and one for your bank. They’d better not be identical, you know, and they’d better be “strong”. Strong passwords are per definition impossible to remember, non-pronounceable, non-readable and defying all mnemonic tricks, the sort of thing only a sadistic teacher would ask a pupil to memorise.

You probably purchase all your airline and train tickets online. Guess what: You will need passwords each time. And you’d better have a printer ready, because if you don’t you wont be able to access your tickets when you need them, i.e. at the airport – unless of course, you remember the password.

I have to log on to my library every once in a while. It demands not only a password but a user name I never remember. Speaking of user names, one of my electricity suppliers insists on using my long- deleted passport number as my user name and will not allow me to change it. Needless to say, it requires a password too. In fact all my electricity accounts do – I have three of them.

I also have Kindle and iTunes accounts, each requiring passwords, and Goodness knows how many tablets and computers on which to read my Kindle books, all password protected, as is my mobile phone. Mind you I have four phone service accounts – depending on where I am in the world. And I look up words in various dictionaries that require passwords. Many people use Spotify, Netlix and or other streaming services. Guess what they demand: PASSWORDS.

My bicycles are locked with passwords – keys get lost. Believe it or not, I can still get into my car with a key, though.

I haven’t tried dying yet, but I am sure I will need a password to do so. What really worries me, though, is that my poor children will need a password to get rid of my earthly remains.

But hope on the way. On Wednesday, the US will have a new president. Regardless of who that president will be, he or she will probably inaugurate a near password-free era. Unless you are terminally ill or get run over by a reckless driver – you are likely to live to see the lifting of the password tyranny that haunts us all.

Fingerprints on touchscreens will replace passwords, and people will be glad – nay, relieved – to submit their fingerprints and be free of the password tyranny.

If your next president has a pronounced dislike of Russians, Mexicans, homosexuals, leftists, Wikikileakists, rightists, Kurds, Iranians, Moslems or Jews, not to mention critics, universal fingerprinting will be very useful, won’t it.

Apr 212016
 

I hear on the news that Edward Snowden is taking my country to court, or rather, he is asking the judiciary of my country to consider what his rights would be as a visitor to Norway.

I find the question fair and timely. Much as I keep insisting that the rule of law is, by and large, taken very seriously here, I fear that Norway’s NATO membership entails some unpleasant obligations, between friends, as it were.

Forcing the judiciary to consider his legal rights before he takes the chance of coming here, Edward Snowden has acted wisely. The judiciary is supposedly independent of the executive powers. Now its independence will be put to the test.

From a statutory perspective, the case is pretty clear pursuant to section 5 of the Extradition Act: No extradition for political offences. Political offences are primarily defined as acts targeting a state and its organisation [“samfunnsordning”], whereas prosecution for war crimes and “serious” terrorist acts are not exempt from extradition.

However, as we all know, a court can easily turn into a hockey field if the players are sufficiently insolent. And on a hockey field almost anything goes, I’ve been told. I beg pardon if I am insulting anybody.