Skip to the bottom if you’re familiar with PRISM and don’t want to hear any political talk and rampant violations of our Constitutional rights, but still want to protect your privacy.
For those of you who haven’t been paying attention, the PRISM program is an NSA program to monitor electronic activity.
Lots of electronic activity.
The companies identified to be working with the NSA in this grand overreach include AOL, Apple, Facebook, Google, Microsoft, PalTalk, Skype, Yahoo! and YouTube. For most people, that is the definition of “the internet”. If you’re doing it online, the NSA is–or could be, at their leisure–watching.
This isn’t a crazy conspiracy theory. This is happening, and the government has admitted it. In fact, when this broke, the executive branch’s response was along the lines of, “Don’t worry, we’ll find the guy who leaked this information.”
On top of that, the government has been demanding phone records from at least Verizon on a daily basis.
In addition, the Justice Department was just busted wiretapping Associated Press phones.
Seriously, if you put this in fiction, nobody would buy it, because it’s ridiculous in the land of the free.
As far as the people who say I’ve got nothing to worry about if I’m not doing anything wrong: shut up. You can speak again when you give me your email passwords, bank records, and let me install a toilet cam in your house. What are you trying to hide?
Seriously, there is such a mess of non-legislative administrative regulations that are considered felonies that the best estimate is that most people commit three felonies a day, without realizing it.
- Catch your kid with a joint and neglect to call the cops? Welcome to the federal penitentiary.
- Use one of those pill planner things to sort prescription meds for your half-senile grandmother? In some states, that’s a felony.
When we live in a system with so many rules that have never been voted on and our legal system refuses to consider legitimate ignorance of the law to be a defense and we have a collection of secret laws that are a felony to disclose or violate, government spying gets far more dangerous.
- Many TSA guidelines are secret.
- The Banking Secrecy Act of 1970 has a number of secret provisions.
- FISA.
The Foreign Intelligence Surveillance Act of 1978(FISA) is the law the NSA is using to justify all of these data requests. The law, that we all must obey, is being overseen by a small subcommittee in Congress, and the FISA courts are just a small subset of the judges. The judges are signing warrants allowing the wiretaps and massive surveillance, but that is clearly unconstitutional and, hence, illegal.
The text of the Fourth Amendment to the Constitution, the supreme law of the United States is: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
Any warrant that cannot name a place to be searched is illegal.
Any warrant that cannot describe the person to be monitored is illegal.
Any warrant that is not backed by probable cause is illegal.
Tell me how “I want to watch what everyone is saying on Facebook and seize all of the data” meets any of those criteria.
Bueller?
Wiretapping the AP is a serious violation of the First Amendment, too. “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.”
“Congress shall make no law…abridging the freedom of speech, or of the press..and to petition the Government for a redress of grievances.”
Monitoring the press in case somebody breaks a story the government doesn’t want broken is crap.
How can we petition the government for redress of grievances that they call a felony if the company discloses the violation to us? It’s self-serving circular crap.
When you throw the IRS harassing charities working for the “wrong” politics, you start to pine for the good old days of Nixon-level fair play and integrity.
To be fair, FISA got nasty with the Patriot Act, which was an abomination enacted by a different political party. Hey, Washington, next time try to remember that your laws will someday be administered by your political enemies, k? (NSA: I trust you’ll pass the message for me?)
Political talk is over. How do we stop the government snooping?
There are four main pieces to discuss, based on the scandalous Constitutional violations reported recently.
1. Social media monitoring. There’s nothing to this. If you post things on Facebook, the government sees it and knows it’s you. Don’t post anything you don’t want broadcast to the police, your grandmother, and your priest.
2. Internet browsing. There is very little that is secure on the internet. The government can subpoena your ISP and get any records they keep. Unless you go anonymous and encrypted. Welcome to TOR. The Onion Router is a system that encrypts your internet traffic and bounces it all over the world. Once you enter TOR, nothing you do can be tracked, until your internet request leave the TOR system. The system is not centrally owned or controlled, so nobody in the system can track what you are doing.
For example, if I use the TOR browser to search Wikipedia, a snoopy NSA goon could tell I’m using it, and they could tell there was a request from the TOR system to Wikipedia, but they can’t tie one request to the other. If I’m dumb and log into Facebook, I lose that anonymous shield.
That’s solid protection from anyone watching your internet traffic.
How do you use it?
Easy. Just install the Tor Bundle. When you want the NSA to stop snooping over your shoulder because you want to do a search on erectile dysfunction, you launch TOR and the TOR browser and search without having to share your embarrassing secrets.
3. Email. Email is easily the least secure means you can communicate. When you send an email, that message is in plain text, and it bounces from server to server until it reaches the recipient. Any of the involved servers can keep a log of the traffic and read your email.
Never, ever, ever, ever put anything incriminating or important in an email. Don’t send credit card numbers, your social security number, or the address of your meth lab.
But what if you want to have a dirty conversation with your spouse without letting the sick voyeurs at the NSA listen to you ask your wife what she’s wearing and how would she like it torn off?
Use PGP. OpenPGP is a free software encryption program that is basically impossible to decrypt. It’s known as public-key encryption, which means that anybody can encrypt a message to you that only you can read.
It’s like magic.
To use PGP, the easy way(for Windows users) is to get Gpg4win. Install that, then open Kleopatra. This will let you generate your encryption key. You do that by:
- Clicking File, then New Certificate
- Click Create Personal OpenPGP key pair
- Enter your name and email, then click next, then “Create Key”. Enter your passphrase when asked.
You now have a set of PGP keys. To get your public key that others can use to send you messages, right-click your certificate and select “Export certificates”. Pick a path to save the certificate, then do so. You can open this file with notepad to get your public key, or you can email the file out. There is no need to worry about security with this file.
You will end up with something that looks like my public key here:
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v2.0.20 (MingW32)mQENBFGyPPkBCAC8zc5B7srG/ZyRMpokP3KyIMd9GA4n94wT89sP/yWFylbTKXDM
S2vC0yXh4zDJshJ1odj+spJGeYaXHCJM21buzKYf0gZsUGIbkVZWRy8ch16+umFl
DuTMaCN5Yue6ehGsjH8N+4q7pmXSlyRXRXzG0A4d9de4SQnfO65e1CMaQhFMpJu0
mXK8KFLqJ560efzlTTZvN3o5RfxYhtB3ODoDfkGeBLIxGVYn1kYbowTcvwymATOb
iSHwNfH+vY+kuTnrG9ilLyprDKwAF+ErD87WP0pLKVIQvoMV69VHEoRhHqK45iJG
j0ZhtTA4emnGZtCNsdfPLUdws1k9SNeIpd9pABEBAAG0H0phc29uIDxqYXNvbkB3
YWxiZXJnb25saW5lLmNvbT6JATkEEwECACMFAlGyPPkCGw8HCwkIBwMCAQYVCAIJ
CgsEFgIDAQIeAQIXgAAKCRDRFT/09vSoj10ECACVE/ngHyzX1lnMlucW4Rx8b8ii
KK8v/AmVkrJZgI3umuJn906sGGA8fNjxUGYH5fX6R7Diud4SEnZWADSq5pAImOv+
qZnPdpJKjMaY6qr+trr0DGsCoen+TxzM7rClBz3TTURI5SbySojHvQoEiCHHPBw1
yY3+leoUzLmso98ocA2lY4Iuvr7/fAzuQEFhBdxxLtS7mDWdmUca+A6GsrCr4LZ7
fpovRCNv07BoAa5ql+GrPOcsIcLwSoEtkhjCo4vPDeveqsnLT0W7N9YBPiGMpHPm
0oFxniC6/eWtI+3C8QFYO3X+CC5yTYpqJJ0BJWhXjiqYmr290d3AN+hYck3T
=fHba
—–END PGP PUBLIC KEY BLOCK—–
To get your private key, that you can use with any number of plugins for your email client, right-click on your certificate and select “Export secret keys.”
You can either use PGP as a plugin for your email client, or you can use Kleopatra’s feature “Sign/encrypt files”. To do that, write your message in a file, then select the feature inside Kleopatra. You’ll end up with an encrypted file you can attach to your email that snoopy government man can’t read.
4. Phone calls. This would appear to be harder, since your phone is largely out of your control. There’s nothing practical you do about a landline, except to avoid saying anything sensitive. On your cell phone, you have options, assuming you use a smartphone.
For Android users, it’s free an easy. Install Redphone. If you place a call with Redphone, it checks to see if the caller also uses Redphone. If he does, it places an encrypted call over your data plan to the other phone. Nobody can listen in to an encrypted call. The same company also makes a program for texting.
For iPhone users, you’re stuck with Silent Circle for $10/month, which may be a better option, since there is support for more devices, including Android. It was designed by the guy who designed PGP and handles texting and email, too.
That’s it.
There you are, the whats, whys, and hows of modern, hassle-light, private communications. Doing what we can to foil bad government programs is our patriotic duty.