Sorry, You Can’t Really Escape the NSA

None

Activists protest the surveillance of U.S. citizens by the NSA outside the Justice Department where President Barack Obama gave a major speech on reforming the NSA January 17, 2014.
National Journal
Brendan Sasso
June 16, 2014, 5:34 p.m.

The world’s largest In­ter­net com­pan­ies and thou­sands of av­er­age In­ter­net users are try­ing to hide their private in­form­a­tion from gov­ern­ment snoop­ing.

The goal is to set up tech­no­lo­gic­al bar­ri­ers to the Na­tion­al Se­cur­ity Agency’s sweep­ing sur­veil­lance pro­grams. Rather than wait­ing for Con­gress to rein in the agency, many people want to take pri­vacy in­to their own hands.

But the truth is, ef­forts to im­prove on­line en­cryp­tion and se­cur­ity can’t totally thwart the NSA.

Joseph Lorenzo Hall, the chief tech­no­lo­gist for the Cen­ter for Demo­cracy and Tech­no­logy, said the idea of be­com­ing “NSA-proof” is “just silly.”

“If they want it, they can get it,” he said of the NSA’s ex­pert spies. The agency can hack or by­pass many se­cur­ity meas­ures if it is de­term­ined enough, Hall said.

And it doesn’t mat­ter how heav­ily en­cryp­ted an email is in trans­it if the NSA just forces the email pro­vider to turn the mes­sage over. While the NSA col­lects some of its data by sur­repti­tiously tap­ping in­to com­mu­nic­a­tions, much of the sur­veil­lance is done through court or­ders to In­ter­net and phone com­pan­ies.

Chris­toph­er Sog­hoi­an, the prin­cip­al tech­no­lo­gist for the Amer­ic­an Civil Liber­ties Uni­on, said tech com­pan­ies such as Google could ham­string the NSA if they just stopped col­lect­ing so much in­form­a­tion about their users. If a com­pany doesn’t have in­form­a­tion on a per­son, there’s noth­ing to turn over to the gov­ern­ment.

Of course, that’s not likely to hap­pen any time soon. Google and oth­er com­pan­ies de­pend on col­lect­ing de­tailed data about their users for tar­geted ad­vert­ising.

“At the end of the day, you can only ex­pect so much from an ad­vert­ising com­pany,” Sog­hoi­an said. “Un­til we start pay­ing for these ser­vices, they’re only go­ing to go so far.”

While it’s im­possible to totally es­cape the NSA, mak­ing the agency’s job harder could be enough to avoid the drag­net sur­veil­lance. Gov­ern­ment ana­lysts aren’t likely to in­vest the time and re­sources to crack en­cryp­ted mes­sages un­less they really think there could be a con­nec­tion to ter­ror­ism.

Hall re­com­men­ded that people use a browser plug-in such as HT­TPS Every­where, which en­sures that users have a se­cure on­line con­nec­tion when pos­sible. He ad­ded that it’s par­tic­u­larly dif­fi­cult for the NSA to track the on­line activ­ity of people us­ing Tor, a soft­ware that reroutes traffic to hide its source.

Ma­jor tech com­pan­ies were shocked to learn last year that the NSA was tap­ping in­to the con­nec­tions between their over­seas data cen­ters and si­phon­ing off data. In the wake of the leaks, Google, Mi­crosoft, Ya­hoo, and Face­book have all taken steps to en­crypt their data-cen­ter con­nec­tions.

Google has al­ways tried to en­crypt its emails in trans­it, but that’s only ef­fect­ive if both the sender and the re­ceiv­er sup­port en­cryp­tion. Re­cently, Google has star­ted to pub­lish stat­ist­ics about which pro­viders sup­port en­cryp­tion in a bid to pres­sure more com­pan­ies to step up their se­cur­ity.

Emails that are en­cryp­ted in trans­it aren’t as se­cure as ones that have total end-to-end en­cryp­tion. Even Google can’t read the con­tents of emails that are totally en­cryp­ted. But end-to-end en­cryp­tion tools such as PGP are com­plic­ated and in­con­veni­ent to use. Google will soon launch its own end-to-end en­cryp­tion ex­ten­sion to try to make the pro­cess sim­pler, but the op­tion will still be real­ist­ic only for the most ded­ic­ated pri­vacy ad­voc­ates.

Ac­cord­ing to Sog­hoi­an, the No. 1 thing people can do to bet­ter pro­tect their pri­vacy is to re­frain from us­ing phones for any sens­it­ive con­ver­sa­tions.

“Tele­phone com­mu­nic­a­tions are just not se­cure,” he said, adding that people are bet­ter off re­ly­ing on In­ter­net voice ser­vices such as Skype and Fa­ce­Time. He also warned that stored com­mu­nic­a­tions like email are risky be­cause the NSA can go back and get mes­sages even years after they’re sent.

Hall re­com­men­ded that people leave their phones at home or wrap them in alu­min­um foil when they’re not us­ing them. He ac­know­ledged that be­fore the Snowden leaks, re­com­mend­ing that people wrap their phones in foil would have soun­ded crazy.

“The NSA is giv­ing the tin­foil-hat bri­gade a run for its money today,” he said.

What We're Following See More »
SANDERS UP TEN POINTS
Trump Leads Tightly Packed Group Vying for Second
6 hours ago
THE LATEST

In one of the last surveys before New Hampshirites actually vote, a Monmouth poll has Donald Trump with a big edge on the Republican field. His 30% leads a cluster of rivals in the low-to-mid teens, including John Kasich (14%), Jeb Bush and Marco Rubio (13% each) and Ted Cruz (12%). On the Democratic side, Bernie Sanders leads Hillary Clinton 52%-42%.

Source:
×