Us permies are more known for our ability to repair landscape and create eco-paradises of food abundance than computer wizardry. What can we do in this world of total government surveillance and rampant cyber-crime?
As a permaculture professional and former IT consultant of global corporations, I thought I’d share with you some basic steps you can take to protect your online privacy.
Stop serving Google
First of all, stop serving your innermost thoughts to Google. They track you, filter you, censor you and snoop on your home wifi network in technological drive-bys. Why trust a company that needs to tell you that they “do no evil”?
The power of duck
Use the Power of Duck instead. DuckDuckGo.com is a secure and better way to search the web. Try it for a week and don’t look back.
Spy-mail
You really gotta ditch that ad-infested, spying, corporate controlled email address too (Gmail, Yahoo, Hotmail, etc). They may be easy and appealing, but they are not free. We pay dearly for them in non-dollar terms. Did you know that when you use both Gmail & Google search, all your searches are recorded under your own name? But no worries, there are heaps of small but excellent email services out there.
I personally love lavabit.com, where privacy and security is so important even lavabit employees can’t read your mail. Get an @lavabit.com email address for free or an account for your own custom email address for next to nothing. Small businesses might consider Zoho Mail.
If you want to take it a step further and want to put a sealed envelope around your email as it whizzes around the internet so nobody can read it en route (email is no more private than a postcard), then look into GPG encryption (windows, mac).
(Anti-) Social Media
Then there’s Facebook and Twitter. I simply don’t use them, period. Facebook was partially funded by intelligence services. Besides, with so much meaningful work to do in the real world, who has time to waste consuming mindless information? I unplugged from the matrix before they got popular and couldn’t care less.
Ok, for those of you who are saying but… but… but… at least look into Diaspora*. It is a free open-source peer-to-peer social media platform that lets you connect with the world on your own terms. Very interesting…. Or use permaculture’s own social network — www.permacultureglobal.com.
Choose your surfboard wisely
Next, you should be using Firefox. It is open source and built around security and privacy. Make sure Firefox is set not to accept third-party cookies and have it automatically delete all cookies on exit (cookies store information about you and can track your visits).
Add-on privacy
Firefox also has great add-ons to help plug those personal data leaks:
- HTTPS-Everywhere: use secure internet connections whenever possible
- Ghostery : stop websites from tracking you, or
- Adbock Edge : I’ve been surfing the net ad-free for years and whenever I use someone else’s computer I’m appalled at the commercial garbage cluttering up the net and our minds.
How to be invisible
Firefox with all its privacy add-ons goes a long way for everyday use, but if you want to be truly anonymous you’ll need Tor. After all, your local ISP is recording your activities online too.
Let’s not skype this weekend
What about Skype? Sorry mate, Microsoft owns it and the NSA is listening in. The good news is that you can easily chat, voice and video call with friends over a secure line with Jitsi for free.
Bye bye Dropbox, Hei Jotta Cloud!
If you’ve read this far, it’ll be no surprise that iCloud, Google Drive, MS SkyDrive and even Dropbox are out of the question. Why not have your files safely stored in Norway’s JottaCloud? It’s just like Dropbox, but Norway’s privacy laws are the strictest in the world and you get 5GB storage space! Or you may prefer New Zealands’s Mega, or host your ownCloud.
Dude, you got a bug in your pocket
Let’s not forget that there’s over 6 billion mobile phones out there. I’m guessing you have one too. All the internet security in the world doesn’t help if you’ve got a tracking device in your pocket.
When I worked at Nokia a decade ago, the oldest man at the company told me at his retirement party that the only way to guarantee any conversation is private (phone and face-to-face) is to remove the battery from the phone. Sorry iPhone users. Though, I do admit that I have a mobile too. It’s a tough old Nokia and I use a cash-purchased anonymous prepaid sim card. My “bill” last month was 41 cents.
Privacy bang for your buck
Using permaculture input vs. output analysis, you’ll get the most privacy for the least effort by following the above advice. However, if you’re keen to walk that extra mile for the protection of your online privacy, there’s still a lot you can do. But don’t forget, none of this helps if it isn’t applied with a bit of common sense.
HAL, what is quantum computing?
You can’t stop personal privacy intrusion and surveillance. You can only decrease the probability of it occurring. Yet despite all of our efforts, next-generation supercomputers called Quantum computers, will tear through our meagre defences, including today’s military-grade encryption. In fact, the NSA and Google just bought one and split the bill.
Thanks for sharing! Much appreciated :).
Thank you fo sharing Frazer :)
Thanks
Thanks Fraser. Some good info here. A couple points:
Jotta does not encrypt your data on their servers. It’s is encrypted in transit only.
Tor has limitations
https://www.wired.com/politics/security/commentary/securitymatters/2007/09/security_matters_0920
You’re welcome. I’m only glad to help…
Bill, thanks for bringing that to reader’s attention. Jotta told me the same when I was researching their cloud service. I expect them to add encrypted file storage soon, but lets see. There is always going to have to be some degree of trust when using someone else’s services. The question is: Who to trust? Dropbox encrypts stored files, but holds the keys themselves. Mega’s cloud service is setup so only users can decrypt stored files, but their software is proprietary, so we’ll have have to believe them on that one.
Your statement about Tor also applies to other software and services too. They all have their limitations and only work when used properly. If someone is keen to improve their internet privacy and uses these tools improperly or without ‘common sense’, it probably would just draw unwanted attention. That is why this is just a ‘basic’ guide. I purposely left out some options that may be technically better, but are too difficult to use for most people.
Fortunately, ‘bad guys’ are often opportunists, so even a few steps in the right might skew the effort vs. reward equation in our favour.
And of course, we still can whisper and use the traditional postal service… :)
or maybe its not safe to use the postal service???
https://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mail.html?_r=0
Nice article and I totally agree about Facebook and all the social media.
I’ve hated Facebook with a passion since it started and I’ve offended many people by telling them that I just don’t do Facebook and I just won’t read their pages.
It’s not just the lack of privacy and the ads, the entire concept of having all these online friends is disgusting. Facebook is a marketing platform and for people who can’t spell (or type). There are actually people who continually get text messages about posts on their “wall”, comments, etc. from morning to night.
The worst part is that the world loves it and I think people on average are getting dumber every year.
Hi Fraser this is wonderful – thank you so much for the effort and information and to others who have added some “tweaks”. Bron
Hey Fraser just wondering if there are some of the Firefox add-ons you haven’t mentioned that are worth using or avoiding please?
U.S. Postal Service Logging All Mail for Law Enforcement
https://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mail.html
Wow,
Interesting post. I installed Ghostery and Adblock Edge and its crazy how many things are being flagged. Definitely didn’t think it was this bad.
Thanks Fraser.
Rohan
thanks a lot for sharing this. it’s so creepy.. what about the privacy of skype calls?
A sterling piece of well researched advice, thank you. However,it begs the question of ‘what is privacy’. If your personal data is amalgamated with that of others and only used in that way. Do you have privacy?
Many people in the UK and probably elsewhere have been spared terrorist perpetrated atrocities thanks to eavesdropping by the security services. Is the surrendering of some privacy in the name of security a price worth paying?
What are we writing that needs to be hidden?
Hiding data from businesses is a whole other issue as is wearing clothing with brand logos (why do companies not have to pay for this kind of advertising?).
Why Privacy Matters Even if You Have ‘Nothing to Hide’
https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
“But the problem with the nothing-to-hide argument is the underlying assumption that privacy is about hiding bad things. By accepting this assumption, we concede far too much ground and invite an unproductive discussion about information that people would very likely want to hide. As the computer-security specialist Schneier aptly notes, the nothing-to-hide argument stems from a faulty “premise that privacy is about hiding a wrong.” Surveillance, for example, can inhibit such lawful activities as free speech, free association, and other First Amendment rights essential for democracy.”
Bron,
“…if there are some of the Firefox add-ons you haven’t mentioned that are worth using or avoiding please?”
BetterPrivacy guards against LSOs or “Flash Cookies”
https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/
NoScript is the best add-on I’ve found for control of what’s run in your browser. It’s a more advanced tool than the others mentioned and will break some web pages until you greant permissions for things to run.
https://addons.mozilla.org/en-US/firefox/addon/noscript/
A couple cloud storage providers that encrypt your data on the server and purport that they cannot decrypt it and only you.
https://spideroak.com/
https://www.wuala.com/
Your data is encrypted on your device before it is sent to the server. The caveat is both use proprietary technologies so you have to trust what they say is true. I wouldn’t trust any cloud storage provider with very sensitive data.
https://www.bbc.co.uk/news/world-europe-23178284
Firefox plugins:
I also use betterprivacy and noscript, but for most people noscript is too strict and causes pages to stop working, as Bill brought up. Another to consider is RefControl, which can block a site from knowing from which site/page you click a link to them.
The risk with going nuts with plugins is that (without noscript) sites can estimate your uniqueness by knowing which plugins you use on which, OS, screen resolution, etc. Check you browser’s uniqueness here:
https://panopticlick.eff.org/
And despite our cool privacy tools, we are still giving up our IP address when we visit a website, which is easy-as to find your location to at *least* a city level. Don’t forget that your IP address is in every email you send too (unless you are using Tor or a VPN).
For example, just today Bliss Permaculture had a couple signups for our PDC in August. I knew one of them was not legit cause they said they were from country X but their IP address showed them to be in a country well known for internet scams.
Skype: As mentioned, skype cannot be relied on to be secure. Jitsi is open source and uses a protocol developed by Phil Zimmermann, the developer of PGP/GPG encryption, for secure internet calls.
The biggest risk with insecure internet calls IMO, is that organized crime rings troll online conversations looking for juicy information blackmail people with.
That article about why privacy matters pretty much sums up my thoughts on the matter: The very foundations of democracy rely on an open government and private well-informed public, not the other way around. Otherwise, we run into trouble…
Thanks for that article on the USPS (which probably applies to most countries too).
Here’s an excellent documentary I just saw last night on the subject (Dutch with English subtitles):
https://www.youtube.com/watch?v=FUyB0Tsj6jE
http://www.permacultureglobal.com is great but they do have some privacy issues to work out. Even if you select the privacy option, which keeps your page from appearing on search engines like google when someone searches for you, the pages of everyone you follow will show up.
Thanks so much for this info. I have made the decision to ween myself off Google, Gmail, Chrome and all its tentacles.
I have been using Linux mint for years and thought I would just say how awesome it is here.
Just a note about the lavabit.com email you recomended. I created a new account and it works beautifully with Mozilla Thunderbird. However after reading the info on PRISM a few weeks ago I am a bit dubious about servers located in the US, and this one is in Dallas Texas. What is also concerning about PRISM, is that even traffic through the States, which is a lot as they are often the fastes route, can be scrutinised. The rediculous thing about all of this is that actual terrorists would just encript all their mail, so its just the rest of us who have nothing to hide who have data collected on them. I also noticed that most cameras these days have a geo-reference function which you may want to turn off if you dont want the exact location of every photo you post to be known.
https://en.wikipedia.org/wiki/PRISM_(surveillance_program)
Can anyone tell me if there is a way for National Security Agency to issue a national directive to their contractors funded to collect data that will broaden the concept of terror harming us to focus on pornographic content widely available on the Internet that is usually allowed under the 1st Amendment? For any family that has felt terror strike deep in their souls in learning their child has been raped–bloodied–damaged for his/her lifetime–or many of us who were victimised as children, even by inappropriate touching–all has lifelong emotional and visceral harmful consequences–we feel ‘on guard’ — we no longer can feel ‘secure’.
Secondly, plainly seeing imagery on pornographic internet sites of forcefully penetrating another human or animal is frightening–for some that fuels sociopaths’ imaginations so some imitate those acts??? The question is how could such violence be perpetuated and even permitted on the Internet? Having felt terror deep inside of our guts, it is incomprehensible to accept the unreasonable stretch that argues the business model of pornographic enterprise is protected under the 1st Amendment. We all want our children to be secure–we know pedaphiles are repeat offenders, almost incurable and the majority participate in the business of child pornography–providing ‘blueprints’ for terrorist actions on our youngsters.
Couldn’t the NSA-funded data collectors ‘spy’ on pornography or other ‘data’ that abuses children, supports fantasies such as the ‘man-boy’ clubs? Couldn’t the National Security Agency take on such a project that gathers evidence (with secret warrants from the court) that leads to criminal cases for protecting and preventing harm to our most vulnerable–our children? Anyone reading this will never forget the terror that strikes at our souls when we know a tender child was used for playing out a terrorising fantasy a sociopath learned from imagery on the Internet–later may have posted his imagery on the Internet to perpetuate terrorising vulnerable humans and animals.
Hi Jennfer
I’m sorry but I’m going to have to call bollocks to that post. If you have had some sort of traumatic experience I appologise but your post sounds way too much like the overly emmotive, and overly graphic fear mongering rhetoric that theses state agencies use to gain more power and control. I expect youre just trying to earn a few extra dollars by monitoring and blogging on sites, with the intent of spreading fear and furthering the agenda of the state. Most terrorism is state funded.
I’m no expert but I’m pretty sure sociopaths dont learn their trade by watching horrible things on the internet. By your reasoning we should first ban all television shows such as Dexter, which teach people to be serial killers and all video games which train people to kill, and horror movies…at least banning these things wouldnt impinge on our personal freedom, but these are not on the agenda because they actually further fear and terror in people.
Using parent’s love of their children to undermine their privacy and personal rights is a particularly insidious ploy. I can see why it is used, as not many people want to speak out about anything that might be seen to protect kiddy fidlers or torturers or whatever it is you say they are for fear of being labled one themselves.
If you want your children to be safer form a community and be engaged in their lives. Avoid debt so you arent forced into wage slavery, stay away from state run institutions,large powerful corporations and churches as they are all magnets for sociopaths, and stop listening to the rhetoric that the media feeds. Its just smoke and mirrors designed to lead you away from the truth.
People who are disempowered by design are easy targets for anyone who wishes to target them for whatever purposes.
Fraser, I had no idea you were also genius when it comes to this topic too, but I should have known better. I am aware of all the spying and already use duckduckgo, but the other sources you provided are greatly appreciated. Thank you!
Great article and i have been accused of being paranoid when talking about privacy and avoiding common mistakes like using your real name on Facebook.
To say that sacrificing some privacy so that we can have more security is complete aburdo-logic and makes about as much sense as saying we should let serial killers spy on us so that they can stop more murders from happening. The reason they are spying so aggressively is because they are engaged in covert war against all people, and use their false flag attacks to justify dismantling freedom. The endgame is historically clear, it is power and control at any cost, and a quarter of a billion murdered in the last 100 years ( democide ) is nothing to these war mongers. Of course most people I discuss this with cannot fathom it within their current belief systems, and this more than anything scares me.
We will never have any semblance of any sane culture if we continue to allow this wholesale war against freedom and law and continue to be brainwashed into thinking the real terrorists have authority over us. Its clearly documented now with the array of supporting evidence, whistle-blowers and scientific scrutiny that governments are responsible for false flag terrorism, and with their current and past record of aggressively dismantling our rights and freedoms, they are the clearest historical and present danger to life and freedom. Of course the wholesale rape and murder in Iraq and Afghanistan and what may be in store for us can stop, but it takes making a choice between whether you want to see your family and country destroyed, or maybe just listen to those who might know better than you in a certain area and take one hour of research into documentaries like endgame, 911 mysteries, etc.
If I can add some extra points of privacy if you are really paranoid, it can be useful to install a dual boot version of linux on your pc, preferably ubuntu for its popularity and support, and if you don’t want to leave any trace on that pc use Tails live cd from usb or cd. There are excellent youtube tutorials on how to do this, and it is worth it, as Windows is an absolute joke for security and has been screwing us with our information since their inception. It takes about 3 minutes to bypass ANY windows OS login password!
You can also save sensitive data on a usb or portable hard drive, preferably one with hardware encryption, then use good software encryption to make it even harder to access. Hide the usb or hard drive somewhere secure yet easy to remember.
Just a heads up on the recommended ghostery plugin recommended in the article:
https://www.techspot.com/news/52948-cookie-blocking-browser-plugin-ghostery-feeds-data-to-the-ad-industry.html
If you search Google (ahem, I of course mean Duck Duck Go) you will find more very critical press on ghostery. Does anyone know of a more trustworthy alternative?
By the way thanks for the article!
So much for lavabit. On the bright side, at least you were right and they did have integrity. So who can we use now???
https://www.theguardian.com/commentisfree/2013/aug/09/lavabit-shutdown-snowden-silicon-valley
Also
https://www.vice.com/en_ca/read/the-demise-of-lavabit-and-silent-circle-means-your-emails-will-never-be-safe-from-the-government
See this article about the lavabit fiasco:
https://www.permaculturenews.org/2013/08/12/the-end-of-email-privacy/
RE Ghostery: I’ll admit it’s going downhill since it was bought by an ad agency! I’ve noticed that it doesn’t always block google analytics. In the options, be sure to manually block all trackers and cookies, select auto update of the library, and block new elements by default (advanced). Deleting flash and silverlight cookies on exit is a good idea too.
I also tried out http://www.disconnect.me , but it was a bit confusing and I don’t like the fact that it is not available via the firefox add-on website. But feel free to give it a try and report your findings here!
https://www.bbc.co.uk/news/technology-25231757
Startpage (search engine) does not track.
Folks, you may find this guide useful
https://jackburden.ca/downloads/webtrackingnothanks.pdf
Thanks for sharing your thoughts about ace attorney 6.
Regards