Thanks to Edward Snowden’s disclosures, we know that the NSA’s internet dragnet relies on two things to easily collect information. First, most people use services provided by major tech firms like Google, Apple and Facebook that can, willingly or by force of a national security letter, be tapped. And two, most people don’t take steps to encrypt and secure their private information and communications.
Yet these two things can be easily changed by all of us, without the need for legislation or executive action. In doing so, each of us can resist bulk data collection and begin to reclaim our privacy online.
We’re joining today’s Reset The Net action and encourage all of you (if you haven’t already) to take a minute today to strengthen your own security, or (if you have) talk to a friend, family member or co-worker and encourage them to review the steps they take to ensure their privacy online.
Think about how you use the internet. What apps do you most often use? Which services host your emails, chats and documents? Where do you store your passwords, and when’s the last time you changed them?
While you might not want to encrypt every step you take on the internet, some of the following tools are good to have for when you do need some extra privacy — like when you’re using wifi at a cafe, or when you’re emailing with an attorney or doctor. Or, you know, when you just don’t feel like being spied on.
I am by no means an expert on the topic of privacy tools and internet security, and none of these tools can ensure 100% protection from targeted surveillance. Some tools have a bit of a learning curve, and others are pretty seamless to use in your daily routine. Regardless of what you choose to do, they add a layer of obscurity to deter the kind of lazy exploitation employed en-masse by organization like the NSA. I therefore welcome those with greater understanding of these tools and technologies to join in the comments and on Twitter using the hashtag #ResetTheNet with their thoughts and suggestions.
There are a wide range of options out there if you want to anonymize and secure your connection to the internet. Many are free, and there are options on the easier side of things, like the Tor browser bundle and on the more difficult side of things, as is the case with setting up a Virtual Private Network (VPN).
Tor is perhaps most widely known because of the relative ease involved with its set-up and execution. Even if you don’t think you’ll need this much security and privacy in your daily browsing, Tor could be a good thing just to have on your machine for when you need to do things that involve private information.
Password Generation and Storage
One of the easiest things you can do to increase your security is to craft better passwords and use different passwords for different services. There are some password management tools out there that can help you do this. Passpack is a great one, that offers multiple levels of security to access and has great flexibility. You can generate passwords along multiple criteria (case, numbers, letters, symbols) and easily copy them at the click of a button.
Email services, clients and encryption
There are many more transparently-run (and free) services out there that offer greater levels of security and encryption than the Big Name brands. This list of Privacy-Conscious Email Services is a good place to start if you’re looking to move to a company that will give you a little bit more security from the dragnet.
But if you just can’t extricate yourself from the major sites, there are still steps you can take to strengthen your privacy. Using an open source email client like Thunderbird, coupled with PGP encryption, is a good start.
If you don’t want to download an app to encrypt your emails, you can use extensions for Chrome and Firefox browsers such as Mailvelope instead, which easily embed encryption tools in mail services like Gmail and Yahoo! Mail.
You can also use anonymous chat services like Cryptocat, which is available as a web application or via mobile.
Chatsecure is also a good secure instant messaging app for mobile, available on Android and iOS.
Mozilla’s Firefox is generally considered to be one of the safer browsers out there, and can be made even stronger by using the JonDoFox profile.
But if you’re looking for something even more secure, I’d recommend the Tor browser bundle mentioned in the beginning of this rundown.
If you use a browser like Chrome or Firefox, there are some extensions out there that can improve your security as you surf the web.
HTTPS Everywhere encrypts your traffic with thousands of popular websites. This is a great tool you can pretty much always leave on your browser to enhance your security.
I mentioned Mailvelope before but I think it’s worth mentioning again. If you’re a big gmail or yahoo user, this is IMHO the easiest way to encrypt your emails without having to totally change your workflow.
Self-Destructing Cookies is a Firefox extension that basically flushes your browser cookies when they’re no longer being used by open tabs.
Disconnect.me Search is a great anonymous search extension that lets you search through google, bing and other engines.