Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

How to remain secure against NSA surveillance
The Guardian ^ | 9/5/13 | Bruce Schneier

Posted on 09/06/2013 4:15:48 AM PDT by shego

Now that we have enough details about how the NSA eavesdrops on the internet, including today's disclosures of the NSA's deliberate weakening of cryptographic systems, we can finally start to figure out how to protect ourselves....

At this point, I feel I can provide some advice for keeping secure against such an adversary....

1) Hide in the network. Implement hidden services. Use Tor to anonymize yourself. Yes, the NSA targets Tor users, but it's work for them....

2) Encrypt your communications. Use TLS. Use IPsec. Again, while it's true that the NSA targets encrypted connections--and it may have explicit exploits against these protocols--you're much better protected than if you communicate in the clear.

3) Assume that while your computer can be compromised, it would take work and risk on the part of the NSA--so it probably isn't. If you have something really important, use an air gap. Since I started working with the Snowden documents, I bought a new computer that has never been connected to the internet....

4) Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well....

5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it's harder for the NSA to backdoor TLS than BitLocker, because any vendor's TLS has to be compatible with every other vendor's TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it's far less likely those changes will be discovered....

Since I started working with Snowden's documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit....

(Excerpt) Read more at theguardian.com ...


TOPICS: Crime/Corruption; Government; News/Current Events; Technical
KEYWORDS: bigbrother; computersecurity; encryption; nsa; security; surveillance
Navigation: use the links below to view more comments.
first previous 1-2021-4041-42 last
To: ClearCase_guy

These pretzels are making me thirsty.


41 posted on 09/06/2013 2:36:00 PM PDT by pluvmantelo (No blood for Obama's Intemperate Linedrawing)
[ Post Reply | Private Reply | To 5 | View Replies]

To: zeugma
I think it's largely the government's fault that solid crypto isn't already deployed routinely in the majority of your internet activity.

Clearly so -- if not for government interference the system would have had crypto with digital signing (making unauthorized intrusion effectively impossible) long ago.

The NSA has caused one of the basic infrastructures of Western civilization to be hobbled with Swiss cheese security. It's as if (for example) all air bases were required to turn off their radar warning systems at prescheduled times so that the REMFs in Washington would be able to send surprise inspectors and make sure the COs were performing as ordered.

42 posted on 09/07/2013 2:19:38 PM PDT by shego
[ Post Reply | Private Reply | To 35 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-42 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson