Fear of Big-Data snoops sifting through your chat history, photo streams, and following your private trips across town?
Greta Garbo understood about privacy: She didn’t want to “be” alone, as the Hollywood myth-makers would have it. “I want to be left alone,” she insisted – a request that is becoming harder and harder to satisfy in these days of data-hungry apps.
Thankfully, there are ways to put your mind at rest.
Here are some of the options on the market that promise to put a virtual glove over your private and business communications, and keep what you say, write and do more private than simply checking public or friends on Facebook.
If you chat on Viber, WhatsApp Facebook, Snapchat, or Yahoo! Messenger, it is quite possible someone is listening. While it’s unlikely you will attract your own personal agent, like Gene Hackman in The Conversation, in the aftermath of the Edward Snowden revelations, and with new terrorism data collection legislation, there’s a growing chance your chats and messages are going somewhere they shouldn’t.
Since the 80’s, developers have produced a range of apps to make messaging and emailing more secure against big data eavesdroppers. Some well-known ones include
Use with an awareness that whatever you can do, they can do better. The EFF (Electronic Frontier Foundation, eff.org) has a handy scorecard.
Then there is OTR (Off-the-Record) messaging, a method for private, secure communication that allows two people to conduct encrypted conversations via instant message programs. Designed by cryptographers Ian Goldberg and Nikita Borisov in 2004.
Another good option is PGP (Pretty Good Privacy) for emails, a data encryption and decryption computer program that increases the security of e-mail communications, which was created by Phil Zimmermann in 1991.
Buy a Q-rated “Secure” Device
Turning Location Services on and off daily? Most of us can’t be bothered to fiddle constantly with various security settings on our smartphones or laptops, or decide between encryption apps. You don’t need to be 007 to get your own already secure, Q-approved device. For around €1000, you can get a phone that is already fitted with advanced security features, deep permissions management, and encrypted voice, text, and video chat built in.
The Android Blackphone 2, from the Swiss company Silent Circle, helps you to set the most granular permissions of all your apps, and routes your communications encrypted via Silent Circle’s private cloud VPN. This one is marketed as “the first smartphone to deliver privacy without compromise for personal and business use and without sacrifice on the powerful functionality and seamless usability of today’s most cutting-edge smartphones.” Wired magazine gushes, giving it a 7/10: “The phone… gives you a level of privacy control that far exceeds that of regular Android phones.”
Other phones available worldwide include: The Boeing Black, created by aerospace and defense giant Boeing (ca. €600); Sector Edge from General Dynamics (ca. €2800); Blackberry with SecureVoice, as used by President Obama; Teorem (and the Teopad), built by the Thales Group and in the French President’s suit pocket (POA); and the FreedomPop Privacy Phone, based on the Galaxy S2, also known as the “Snowden Phone”. It costs €170 with three months of unlimited text and voice, and 500MB of data.
Caveat Emptor: Some of these phones are being made by the same defense contractors and companies most likely building tools to spy on us – which might be of some concern.
To Tor or not to Tor
We have curtains and doors for a reason. Few want to be seen doing half the stuff they do in private. But online, there are no curtains, which is why many (possibly slightly paranoid) individuals prefer to communicate via the “underground internet” also known as the “deep web”.
Tor – mostly funded, ironically enough, by the US Government to encourage democracy in authoritarian states – is free and open software that allows users to browse the Web anonymously. Originally known as the “Onion Router”, it has achieved notoriety through various high-profile busts of pedophilia and human and drug trafficking rings. A Tor server operator in Austria found himself liable for the very dodgy traffic passing through his system. He’s fighting an appeal. Being an outlaw is risky business.
No Paper, No Plastic
Private financial transactions are no longer the sole purview of oligarchs, the Mafia and Swiss art dealers. Trading a digital currency like Bitcoin can mask the user’s identity through a dizzying complex of address swaps, multiple inputs and “mixing services” that exchange transaction histories.
Bitcoin, the first decentralized digital or “cryptocurrency”, was released by Satoshi Nakamoto in 2009. It is an open-source, peer-to-peer digital asset and payment system, where owners sign transactions using a private key. Bitcoins can be exchanged for “mining services” (payment processing bitcoins via personal computer power), other currencies, products and services. Low interest rates make it attractive for businesses and private users.
The downsides? Criminal networks enjoy a healthy black market in bitcoins, which naturally attracts law enforcement agencies. And if you lose your private key, your bitcoins will remain valueless on your hard drive forever. Much like a Swiss bank safety deposit box.
It’s easy to be flippant about protecting one’s data, protesting you “have nothing to hide”, that your chats and photos are “not interesting to anyone”, that you “can’t possibly be on anyone’s list.” But as with navigating a new city or going on a questionable Tinder date, some protective measures are simple common sense.
Here is a basic “To-Do” list any spy worth his salt should have committed to memory before setting off on the next mission:
Passwords: The more complex the better. A combination of letters, numbers and symbols, preferably from obscure languages. Hide them better than your keys. Change them as frequently as your socks. If you can’t recall it, how can a potential enemy agent?
Safeguards: Where a shark-infested pool is not an option, secure your devices with equally complex pin numbers and two-step authentication. If you sign in with a biometric print, Jacob Applebaum recommends wiping it off afterwards to avoid “print lifting.” With future devices, DNA sign-in may be possible, so if your bodily fluids activate your phone, clean it off ASAP.
Remote Wiping: If your phone stayed behind in your last Uber tour of a mysterious Eastern European city, your remote phone locator has a nifty wipe function. You may find it half an hour later under your hotel bed, but you can always download your Tinder chat history from the cloud.
Software: Always update and use some sort of anti-malware apps. “No Glove, No Love” works online as well as off.
Stay “Sniff” Alert: Hackers can set up “Evil Twin” hotspots in public internet spaces. Buy a tuxedo or pen recorder over a railway station’s WiFi, and you are begging a bad hat hacker to “sniff out” your password and credit card details.