In the course of writing my book, Dragnet Nation, I tried various strategies to protect my privacy. In this series of book excerpts and adaptations, I distill the lessons from my privacy experiments into tips for readers.
Ever since Edward Snowden revealed the inner secrets of the NSA, he has been urging Americans to use encryption to protect themselves from rampant spying.
“Encryption does work,” Snowden said, via a remote connection at the SXSW tech conference. “It is a defense against the dark arts for the digital realm.”
ProPublica has written about the NSA’s attempts to break encryption, but we don’t know for sure how successful the spy agency has been, and security experts still recommend using these techniques.
And besides, who doesn’t want to defend against the dark arts? But getting started with encryption can be daunting. Here are a few techniques that most people can use.
Encrypt the data you store. This protects your data from being read by people with access to your computer.
- Encrypt your hard drive so that if you lose your computer or you get hacked, your information will be safe. Most recent Apple Macintosh computers contain a built-in encryption system called FileVault that is simple to use. Some versions of Microsoft’s Windows 7 also contain a built-in encryption system called BitLocker. Another popular solution is the free, open-source program TrueCrypt, which can either encrypt individual files or entire partitions of your computer or an external hard drive.
- Encrypt your smartphone’s hard drive. Yes — your smartphone has a hard drive much like your computer has. In fact, your phone probably contains as much — or more — sensitive information about you as your computer does. Apple doesn’t let you encrypt your smart phone’s hard drive or the files on it, though it allows encryption of your phone’s backup files on iTunes or iCloud. You can also use Find my iPhone to remotely “wipe,” or delete the data on your iPhone or iPad if it is lost or stolen. Google’s Android operating system lets you encrypt your phone hard drive.
- Encrypt the data you store in the cloud. I use the SpiderOak encrypted cloud service. If an encrypted cloud service were somehow forced to hand over their servers, your data would still be safe, because it’s encrypted using a key stored only on your computer. However, this also means that if you lose your password, they can’t help you. The encrypted data would be unrecoverable.
Encrypt the data you transmit. The Snowden revelations have revealed that U.S. and British spy agencies are grabbing as much unencrypted data as they can find as it passes over the Internet. Encrypting your data in transit can protect it against spy agencies, as well as commercial data gatherers.
- Install HTTPS Everywhere on your Web browser. This encrypts your Web browsing sessions, protecting you from hackers and spy agencies that scoop up unencrypted traffic across the Internet. Not every site works properly with HTTPS Everywhere, though an increasing number do.
- Use encrypted texting apps with friends who install the same apps on their phones. On the iPhone, Silent Circle and Wickr offer apps for encrypted texting. On Android, the TextSecure app encrypts texts in transit and when they are stored on your device.
- Use the Off-the-Record Messaging protocol to encrypt your instant messaging conversations. You can still use your favorite instant-messaging service, such as Gchat or AIM, though you’ll need to use a software client that supports the Off-the-Record protocol. On Macs, free software called Adium can enable OTR chats, and on Windows, you can use Pidgin. Once you’ve set up OTR and gone through a simple verification step, you can IM as you usually do. Both parties have to use OTR for the encryption to work.
- Use Gnu Privacy Guard to encrypt your email conversations. Like OTR, if you’re using GPG you’ll need the people you email with to use it as well in order to encrypt your conversations. I use free software called GPG Tools with Enigmail and Postbox. GPG Tools also works directly with Apple’s built-in Mail program.
GPG has some shortcomings — it’s difficult-to-impossible to use it with the mail program built into most smartphones, and you can’t use it easily with webmail like Gmail. (Although there are some new web-based mail programs that use GPG called Mailvelope and StartMail that I haven’t had a chance to try yet.)
The most difficult part of GPG is that, unlike the encrypted texting and instant messaging programs, you have to generate a secret key and keep it somewhere secure (usually on your computer or on a USB stick). This often means you can only send GPG mail when you have your key with you. Even so, it is incredibly satisfying once you send your first message and watch it transform into a block of numbers and letters when you click “encrypt.”
Angry, shocked, overwhelmed? Take action: Support independent media.
We’ve borne witness to a chaotic first few months in Trump’s presidency.
Over the last months, each executive order has delivered shock and bewilderment — a core part of a strategy to make the right-wing turn feel inevitable and overwhelming. But, as organizer Sandra Avalos implored us to remember in Truthout last November, “Together, we are more powerful than Trump.”
Indeed, the Trump administration is pushing through executive orders, but — as we’ve reported at Truthout — many are in legal limbo and face court challenges from unions and civil rights groups. Efforts to quash anti-racist teaching and DEI programs are stalled by education faculty, staff, and students refusing to comply. And communities across the country are coming together to raise the alarm on ICE raids, inform neighbors of their civil rights, and protect each other in moving shows of solidarity.
It will be a long fight ahead. And as nonprofit movement media, Truthout plans to be there documenting and uplifting resistance.
As we undertake this life-sustaining work, we appeal for your support. We have 2 days left in our fundraiser: Please, if you find value in what we do, join our community of sustainers by making a monthly or one-time gift.