The blog of Xeno, a slightly mad scientist
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
— Edward Snowden, answering questions live on the Guardian’s website
The NSA is the biggest, best funded spy agency the world has ever seen. They spend billions upon billions of dollars each year doing everything they can to vacuum up the digital communications of most humans on this planet that have access to the Internet and and the phone network. And as the recent reports in the Guardian and Washington Post show, even domestic American communications are not safe from their net.
Defending yourself against the NSA, or any other government intelligence agency, is not simple, and it’s not something that can be solved just by downloading an app. But thanks to the dedicated work of civilian cryptographers and the free and open source software community, it’s still possible to have privacy on the Internet, and the software to do it is freely available to everyone. This is especially important for journalists communicating with sources online. …
Protecting your privacy in the age of ubiquitous NSA surveillance is incredibly complex. Gaining a basic understanding of the concepts involved, much less actually using the software that’s available, has an enormous learning curve.
But even with direct access to all the data traveling at the speed of light through the Internet’s backbone fiber-optic cables, even with cooperation of the major United States tech companies (which are extremely difficult for people to boycott), the largest, most powerful, and best funded surveillance apparatus that humanity has ever seen cannot defeat mathematics.
The challenge of the new cypherpunk movement is to make secure and verified end-to-end encryption accessible to everyone, and turned on by default. …
Article 12 of the UN’s Universal Declaration of Human Rights states that “no one shall be subjected to arbitrary interference with his privacy, family, home, or correspondence.”
It’s that last one that’s gotten everyone’s attention lately. Just how private is your correspondence online? Depending on your politics, NSA whistleblower Edward Snowden is either a vile turncoat or a revered hero, but either way he has advice on how to stay two steps ahead of the NSA.
He held an awesome “press conference” of sorts on The Guardian’s website, taking written questions from readers and typing out his answers online. We were most intrigued by his response to a question about encryption. If someone wants to stay off the NSA’s radar, could he or she encrypt emails and send them without arousing any suspicion?
Snowden’s response: “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”
A brief caveat before we dive in deeper with encryption. This whole “NSA domestic spying” news item is weird and scary, sure, but it has much more to do with the “connectivity matrix,” or the relationship that exists between personal and commercial computers all around the world and the fact that the NSA can exploit it. Yes, your privacy matters, but the real issue raised here is that the NSA can basically use a “cheat code” to become all-powerful in the internet “video game.”
That said, it’s useful to know how to effectively encrypt your email. Let’s talk about PGP encryption, one of the most popular ways of doing so. PGP stands for “Pretty Good Privacy.” It uses two “keys,” one publicly viewable to the world, the other kept solely to yourself. You can generate PGP keys to your heart’s content using the free tool at iGolder and a number of other services around the web.
Interesting. Does encryption really work? Yes, as far as Snowden knows. Most people won’t use these “complicated” tools. They instead will say, “I have nothing to hide.”
This is like saying, “Well, they needed it more than me… ” when you get robbed. Very nice of you, I guess.
If you have nothing to hide, why have curtains on your windows and locks on your doors? You may have nothing to hide, but do you want people you don’t know watching everything you do, every creative effort, every expression of love, every emotion, every personal struggle, every hope, every fear, every opportunity for someone to sell you something? Is that comforting to you? Does it feel like God is watching you?
In my view, non-criminal Americans should be using encryption to assert the Constitutional and human right to privacy.
Good night, God.