Before we begin, note that the title
is a bit of a misnomer. Digital security is mostly nonexistent. When computers
took off, security was never a concern, so they are inherently insecure. I will
do my best to help you secure your computer as much as possible. The point
isn’t to make your computer invulnerable to attack. That’s impossible. However,
just like your survival retreat security, the goal is to make yourself such a
hard target that hackers or the government move on to lower hanging fruit.
Again, nothing in here will make you immune to the NSA. They have an
essentially unlimited budget and thousands of personnel dedicated to cracking
all the methods included herein. I will simply guide you through the process of
making yourself a hard target. You will be immune to dragnet surveillance and
most hacking attacks. Also note that merely Googling most of this software will
get your IP address logged on an NSA database. Therefore, use https://www.duckduckgo.com/
for better security. Without further ado, let’s begin.
Let’s start with your actual
computer. I don’t recommend an Apple computer, as a friend who works for the
government told me that Apple retains near-complete remote control of any
computer they produce. I would highly recommend buying a computer from a mom
and pop computer company. However, this is very cost prohibitive. Next in line
is a Panasonic CF-29. These “Toughbooks” were used by the police and military
extensively and are designed to handle wet climates, heat, cold, and rough
handling. This is a good all around transportable computer. Another option is
to buy a brand new computer with a large hard drive (think one terabyte).
Consider the utility of buying a cold computer– one that never accesses the
Internet– to store confidential files. When buying new computers, Bitcoin users
may want to purchase one with a large graphics card in order to do GPU mining.
Preferably, your new computer will have Windows 7 and not 8. (Don’t worry,
we’re going to replace the OS. This is just so that the BIOS and other features
are easier to access.)
Now that we have the computer out of
the way, we can move on to the operating system (OS). Obviously, Windows isn’t
an option, since Microsoft actively collaborates with the Feds and we already
rejected OS X. That leaves Linux, the open source OS. More accurately, it’s a
kernel used to make a variety of OSes. The special thing about open source
software (F/OSS) is that it doesn’t have a typical copyright. F/OSS has a
license, such as the Gnu Public License (GPL), Lesser Gnu Public License
(LGPL), and MIT license. These licenses, in varying degrees, open the source
code of the software to public review. Think of it as public domain for software.
Why is this advantageous? Well, you’ve probably heard a lot about back doors,
since the NSA scandal. Since F/OSS source code is released to the public, back
doors can’t be hidden in it. Another advantage of F/OSS is that since the
source code is available to everyone, it’s absolutely free of cost.
Let’s talk more about Linux. Linux
is an open source operating system with dozens of different “flavors” or
“distros”. You can pick any one to suit your tastes. However, for newbies, I
recommend either Ubuntu (or its children– Kubuntu, Xubuntu, and Lubuntu for
small systems) or Fedora (or its children– Fedora LXDE and Fedora KDE, again
for small systems). These are widely used distros with helpful forums. I have
the most experience with Ubuntu. If you are an open source purist, you’ll want
to go with Fedora, as it doesn’t use copyrighted, closed source programs like
Adobe Flashplayer. Note that Adobe Flash can be used to track people, so I
would say Fedora is the best bet. Canonical– the company that maintains Ubuntu–
has also incorporated adware for Amazon. Ubuntu’s advantage is that it works on
most hardware out of the box. I’ve found Fedora to be a little less
accommodating but not too much. YMMV.
If you are a bit tech savvy, check
out Arch Linux.
Arch is special because it is not actually an operating environment. When you
install Arch, all you have is a command line interface (CLI) and a program
downloading program. You then build your own environment from the roots up.
This is my most recommended Linux distro, second only to Parabola. Parabola is exactly like Arch,
except it includes absolutely no proprietary software. While this would be the
most secure, it will include limited functionality compared to Arch.
Another excellent option I’d like to
mention is Tails. Maintained by the TOR Project (see below), this operating
system is engineered specifically to protect privacy. I haven’t yet had a
chance to try it out (I only have so many computers), but it sounds like a very
promising OS. The TOR Project as an organization is committed to preserving
digital privacy.
I’d also like to mention FreeBSD. I
have no experience with this operating system, so I can’t say whether or not it
is more or less secure than Linux or easier or harder to use. I will say that
it is less common than Linux, and thus will have less compatible software.
Now that we have a laptop and an
operating system, let’s move on to the basic functions of a computer. Word processing
is at the top of most people’s list. Thankfully, there’s an open source option:
OpenOffice.
Also known as LibreOffice, this office suite includes a word processor
(Writer), a spreadsheet (Calc), and a presentation writer (Impress). These are
equivalent to Microsoft Office Word, Excel, and PowerPoint, respectively. As a
bonus, OpenOffice enables you to write or convert your documents into Microsoft
readable form, so you can still share your data with non-Linux friends! It
comes standard in Ubuntu and Fedora, as well as many other flavors of Linux.
Now, let’s go to the Internet. We’ll
start with your browser. My favorite is good ol’ Mozilla Firefox. I imagine many of you already use this or have at least
heard of it. Firefox is F/OSS and managed by Mozilla, a very digital freedom
friendly company. If you are extremely finicky, you may prefer Iceweasel, which is Firefox minus the
copyrighted Firefox logo. An honorable mention is Seamonkey, a web suite also managed by Mozilla.
Stay away from Chromium, the F/OSS parent of Google Chrome, as it was
commandeered by Google.
The above browsers are great
options, and clear of malware and backdoors. However, the browser can only do
so much to protect your privacy. Your physical location is still visible to
anyone who cares to look, including the government. To address this issue,
there is TOR.
TOR stands for The Onion Router and was designed by the Navy. Utilizing a
system of routers, TOR obfuscates your location by passing you through three
other computers first. These computers are run by volunteers around the world
in a decentralized network. TOR also gives you access to the dark web– the
Internet not accessible to Google and other search engines. These sites end in
“.onion” instead of “.com”, “.org”, or any of the other common top level
domains. Note that the dark (or deep) web has many sites dedicated to
pornography and drug trafficking, so proceed with caution. You can use TOR without
accessing the deep web, but using darknets for legitimate sites like DuckDuckGo
(I believe JWR at one time suggested one for SurvivalBlog) will increase your
anonymity. TOR is also automatically formatted to bolster privacy, so it comes
with the NoScript add-on (I recommend this for regular Firefox, too) and will
not play YouTube videos, due to their inherent vulnerability. To make TOR even
easier to use, you can get TOR wifi.
Now that we have a web browser, we
need to replace Google as our search engine. Enter https://www.duckduckgo.com/
to reach the search engine/company that doesn’t track you. DuckDuckGo was founded
on web anonymity and is ,you guessed it, open source. It’s a fully functioning
search engine and more than capable of replacing Google. Other options include http://www.ixquick.com
and http://www.startpage.com
Since we’re hooked up to the
Internet, we’d probably better get an antivirus. We’ll start with ClamAV and ClamTK
(ClamAV’s graphical user interface (GUI). These are great for finding viruses,
but they don’t actually cure them. For that, we’ll have to download a closed
source program like Avast (www.avast.com). There are a few other antiviruses
that work on Linux, but Avast is my personal favorite.
Now, let’s secure our email. The
short answer to this problem is: it’s impossible. Email just isn’t secure.
That’s not the way it was designed. (There is a movement to make it more so) However,
there is a little bit we can do to improve our email security and make
ourselves a hard target to the NSA. First, dump your Gmail, Yahoo, Hotmail,
AOL, or any other conventional email provider. There are a number of private,
secure email sources, both paid and free. Some of my favorites are ProtonMail and Lavaboom. (I’m still waiting to try
Lavaboom.) These two providers are free. (Both say they will eventually offer
paid premium accounts and offer automatic encryption between users. There is
more on this below.) ProtonMail is hosted in Switzerland, and Lavaboom is
hosted in Germany. Both of these are “zero knowledge providers”, which means
that they don’t have any information about you. In fact, they can’t even access
your password. I prefer the Swiss hosting of ProtonMail, while I prefer
Lavaboom’s open source aspect, as well as their incorporation of Darkmail. An
honorable mention is OpaqueMail,
which I haven’t quite figured out yet, and thus haven’t had a chance to try. It
is completely open source, self hosted, and was designed to combat NSA spying.
It appears to be a DIY email client. If you want to host your own email but
need a trustworthy domain for a dynamic IP and don’t want to pay for one, check
out PageKite.
It’s written by the same people behind MailPile (see below). Next, we’ll return
to our friends at Mozilla and download Thunderbird–
the open source email client. You can use either the IMAP or POP3 protocol. The
difference is that IMAP will sync with your webmail, so when you log into it
via an Internet browser, everything is the same. POP3 will store everything
locally on your computer. This sucks up memory and leaves any emails you delete
in your online inbox. I prefer the IMAP protocol. Next, download the Enigmail
add-on for Thunderbird. Enigmail uses OpenPGP (also known as GPG), encryption
software invented by Phil Zimmerman in the 1990’s that’s never been
compromised, to facilitate public key encryption. (You can also use S/MIME.)
Edward Snowden said that OpenPGP (PGP stands for “Pretty Good Privacy”) is one
of the few encryption methods the NSA has been unable to crack.
From the Survival Blog
No comments:
Post a Comment