Practical security precautions for the worst-case scenario
There will be a time to reflect on how exactly we came to be in this mess. Right now, we have to get ready for the potential loss of Constitutional protections against restraints on speech, unreasonable searches and seizures, and other fundamental rights.
Mother Jones Editor in Chief Clara Jeffery issues a call to arms in a December 13, 2016, post entitled “Time to fight like hell.” Jeffery outlines the road to where we are now and expresses the heartbreak so many people feel about the misnamed United States of America. As Jeffery points out, when we are divided, we are weak and susceptible to totalitarians. We must unite in defense of our democratic republic. Not as Democrats and Republicans, or as liberals and conservatives. We must fight together as Americans.
Batten down the hatches with encryption, two-factor authorization
If everyone encrypted all their communications and files, there may not be a “Wikileaks.” Most people think of wall-to-wall encryption as overkill. It takes a toll on processing power, bandwidth, and other computer resources. Now paying for encryption services could be the wisest investment you ever make. In a December 8, 2015, article, the Washington Post’s Andrea Peterson provides a top-to-bottom look at encryption, including the reasons why calls for a ban on backdoor-less encryption are ridiculous.
As I wrote in the November 1, 2016, Weekly, VPN services cost from $7 to $13 a month or $40 to $100 a year. That article also describes the encrypted-storage services Boxcryptor, Tresorit, and SpiderOak, which cost from $50 to $300 per year. Likewise, the encrypted email service Hushmail costs $50 a year for a personal account, and from $6 a month per user for a business account. As you can see, if you want to stay safe on the internet, it’s going to cost you.
Fortunately, there are plenty of free tools that offer much of the protection you get with encryption services. A great example is the Electronic Frontier Foundation’s Privacy Badger, which was just updated to version 2.0. Another essential browser security extension is the EFF’s HTTPS Everywhere, which ensures your browser connects to only encrypted sites whenever possible.
The Brave browser promotes itself as “faster and safer,” but after using Brave for several weeks, I switched back to Opera, which bills itself as the “fast, secure and easy-to-use browser.” I also use Firefox and switch between that browser and Opera throughout the workday. Brave offers built-in ad blocking, but it places its own ads and also asks you to contribute a set amount per month that gets paid to the sites you visit. Brave has many nice features, such as a reading of the current page’s load speed, but many sites don’t render correctly when you open them in Brave.
There’s one security technique that’s widely available, free of charge for most people, and nearly foolproof in protecting your online accounts, yet it is rarely used because it’s a minor pain. Two-factor authentication uses your phone or another device to confirm your identity when you enter your ID and password. In most cases, a code is sent via text to your phone. You enter the code on the service’s access page to open your account. (I wrote about “true” two-factor authentication in the February 24, 2016, Weekly.)
As part of the EFF’s “12 Days of 2FA,” Gennie Gebhart describes in a December 8, 2016, article how to enable two-factor authentication on Facebook, Twitter, Bank of America, Google, and other services. I use 2FA on about half of the services I use regularly, including Twitter and iTunes/iCloud. I can attest to the added hassle of entering the text-delivered passcode, but it’s a small price to pay for the added protection 2FA offers.
Block those ads! Block those ads! Block those ads!
Another free browser extension I consider a necessity is AdBlock Plus, which some web sites consider evil because it prevents them from collecting ad revenue. The sad fact is, the ads that appear beside the content on web sites often contain malware, as I explained in the October 18, 2016, Weekly. In a December 7, 2016, post on Boing Boing, Cory Doctorow (one of my personal heroes who you should follow on Twitter if you do that sort of thing) reports on criminals who for two years collected sensitive information via malware embedded in ad banners.
Speaking of AdBlock Plus, a German court recently ruled that use of this and other ad blockers is legal, rejecting a claim by publisher Der Spiegel that separating the ads from the “content” violated the publisher’s “unified offer” to its online customers. The court also found that Der Spiegel failed to show that Eyeo, the company that makes AdBlock Plus, intended to damage the publisher’s profitability or interfere with its operations. Ars Technica’s Joe Mullin reports on the decision in a December 9, 2016, article.
Be discrete in the personal info you share with private entities
If you thought I could make it through an entire Weekly without recommending once again that you quit Facebook, you were mistaken. Okay, keep using Facebook, but before you do, take a look at all the private data the company is collecting about you, as described by Larry Kim in a December 7, 2016, article on Medium.
Kim provides a single infographic showing all the categories of users Facebook allows its advertisers to target: by the car they drive, the charities they contribute to, their relationship status, their income, employer, job title, age, ethnicity, age of children, the number and ages of people in your household, activities with children (“soccer moms”), your politics, your interests, even who your friends are. The list goes on and on.
Ask yourself: “Who are the advertisers sharing this information with?” Personal data is the currency of the future, and us persons are the “mint.” What are you getting in exchange for all this valuable information you’re giving up? Is it a fair bargain?
But don’t listen to me. Take it from Cory Doctorow, who writes in a December 6, 2016, post on Boing Boing that he quit Facebook six years ago, and “not a day goes by that I don’t’ realize that my life is better for it.” Doctorow refers to another December 6, 2016, post by “Mathbabe” Cathy O’Neil, the mathematician who coined the phrase and wrote the book “Weapons of Math Destruction.”
O’Neil didn’t consciously quit Facebook, but one day the service notified her that she had to change her password for some reason. She writes that she went to the page where Facebook prompted her to enter her new password, but she simply refused. She went to the page repeatedly, but wouldn’t enter a new password. Over time, she stopped going, and now she writes “I don’t miss it, and my life is better.” O’Neil states that she sometimes thinks about what her Facebook friends are up to, but she concludes that “they’re probably all still there, wondering how they got there.”
Vice’s Thomas Rid: All signs point to Russia being behind the DNC hacks, just in case you are curious about what someone who knows about “the cyber” has concluded.
Pro Publica: There are only “a couple hundred thousand” white supremacists in the U.S., according to right-wing researcher Chip Berlet (interviewed by A.C. Thompson), but “they have a lot of guns.”
Pro Publica (again): Guilty on day one – the Emoluments Clause of the Constitution prohibits the President from receiving gifts from foreign countries without Congressional approval, as Richard Tofel explains.
Technology Academics Policy: U.S. Court of Appeals for the Ninth Circuit rules in FTC v. AT&T Mobility (9th Cir. August 29, 2016) that the Federal Trade Commission lacks jurisdiction over “companies that engage in common carrier activity.” According to Daniel J. Solove in a December 7, 2016, article, the ruling creates a “gaping hole” in consumer privacy protections. Solove calls the decision “foolhardy and naïve” because it excludes FTC jurisdiction for all activities by the company, not just for its common-carrier activities.
Just for fun: Frank Zappa is serenaded by the U.S. Navy Band playing “Joe’s Garage” as Zappa deplanes at SFO back in 1980. As Lou Reed sang in another great song, "Those were different times."
Here’s the scenario I envision:
I can dream, can’t I?