Domestic Agencies Such as The NSA Have Been Spying on Everyone for Decades
We all knew it. Even before Edward Snowden blew the whistle we all knew it, we just didn’t know how deep it went. Not only was the US spy agency doing its spy agency stuff abroad to our perceived enemies, but it was also doing it to our allies and domestically to its own citizens.
The Snowden leaks rocked the information security world exposing the NSA’s $250 million annual budget just to ‘encourage’ commercial software vendors to build backdoors into their products to make them easy to exploit. These tactics weren’t just for software vendors either; according to Snowden, the NSA routinely intercepted shipments of Cisco products that were headed out for export so that they could install hidden surveillance tools on them.
They also have a longstanding partnership with AT&T, who gave them access to billions of emails that traveled through its domestic networks and assisted with wiretapping Internet communications at the United Nations headquarters. The laundry list of examples is practically never-ending.
Even if it’s impossible to completely block yourself out from the tentacles of the NSA, there are ways to fly under the radar and make it more difficult for them to invade your privacy.
Take Standard Security Steps
First and foremost, you should follow the same steps that you would use to thwart hackers – see our article on protecting yourself from hackers if you don’t know where to start. Always follow standard information security practices.
It should be no surprise that the NSA makes use of many of the same tactics employed by them. These steps include using complex passwords, security questions that aren’t easily guessed, and keeping your software updated with the latest security patches – yes, we all hate Windows Updates, but they do help keep your computer secure against known vulnerabilities.
In 2013, one of Edward Snowden’s most disturbing revelations was that The NSA was able to crack many of the encryption technologies already in place.
Encryption, however, is nothing more than a weapons race where what’s good today must be updated tomorrow to stay ahead of the bad guys. Currently, the best data encryption services are ones which use end to end encryption which ensures that even your Internet Service Provider who is passing the data cannot actually read it.
End to end encryption isn’t available everywhere, but you should use it where you can. Apple’s iMessage and FaceTime utilize end to end encryption as does the instant messaging software WhatsApp which can also make encrypted calls between its users. Encrypted messaging is critical.
Your data is encrypted locally on your own system using a password you create and the encrypted versions are stored on the servers. In this way, without knowing your password, even the company cannot read your files.
These companies are known for their tight information security practices and ability to consistently update their systems to stay ahead of the enemy.
One thing to keep in mind when it comes to end to end encryption and “Zero Knowledge” policies is that if you ever do forget your password, you’re pretty much screwed; the companies themselves can’t even crack your data – which of course means your information is likely out of the prying hands of the NSA.
Use Open Source Software for Encryption
It used to be considered poor information security procedure to use any open source products, but the reality is once the Snowden bombshell implicated the big corporate players like Microsoft and Google, their encryption techniques must but looked upon with scrutiny.
Although Microsoft’s BitLocker may be currently considered to be an unbreakable lock, there’s no reason to think that the NSA hasn’t been given a skeleton key that relieves them of having to break the lock at all.
The NSA Collects Everything About Everybody
You don’t have to be a suspected terrorist or involved in espionage to have your communications and data targeted by the NSA.
The information leaked by Edward Snowden taught us that to be a potential target for data collection, you only need to exist. In the post-Snowden days, Americans are (or at least should be) aware of how their privacy can be violated for no other reason than simply being alive.
Even if you can’t keep them out totally, taking the appropriate steps can at least cloak your path a bit and keep other bad guys out of your business.
Sharif Jameel is a business owner, IT professional, runner, & musician. His professional certifications include CASP, Sec+, Net+, MCSA, & ITIL and others. He’s also the guitar player for the Baltimore-based cover band, Liquifaction.