Phone call logs, credit card records, emails, Skype chats, Facebook message, and more: The precise nature of the NSA's sweeping surveillance apparatus has yet to be confirmed.
But given the revelations spilling out into the media recently, there hardly seems a single aspect of daily life that isn't somehow subject to spying or surveillance by someone.
Using anonymity services and encryption "simply make it harder, but not impossible," said Ashkan Soltani, an independent privacy and security researcher. "Someone can always find you -- just depends on how motivated they are."
Emails sent across the Web are like postcards. In some cases, they're readable by anyone standing between you and its recipient. That can include your webmail company, your internet service provider and whoever is tapped into the fiber optic cable passing your message around the globe - not to mention a parallel set of observers on the recipient's side of the luggage tag.
Experts recommend encryption, which scrambles messages in transit, so they're unreadable to anyone trying to intercept them. Techniques vary, but a popular one is called PGP, short for "Pretty Good Privacy." PGP is effective enough that the US government tried to block its export in the mid-1990s, arguing that it was so powerful it should be classed as a weapon.
Like emails, your travels around the internet can easily be tracked by anyone standing between you and the site you're trying to reach. TOR, short for "The Onion Router," helps make your traffic anonymous by bouncing it through a network of routers before spitting it back out on the other side. Each trip through a router provides another layer of protection, thus the onion reference.
Originally developed by the US military, TOR is believed to work pretty well if you want to hide your traffic from, let's say, eavesdropping by your local internet service provider. And criminals' use of TOR has so frustrated Japanese police that experts there recently recommended restricting its use. But it's worth noting that TOR may be ineffective against governments equipped with the powers of global surveillance.
Your everyday cellphone has all kinds of privacy problems. In Britain, cellphone safety was so poor that crooked journalists made a cottage industry out of eavesdropping on their victims' voicemails. In general, proprietary software, lousy encryption, hard-to-delete data and other security issues make a cellphone a bad bet for storing information you'd rather not share.
An even bigger issue is that cellphones almost always follow their owners around, carefully logging the location of every call, something which could effectively give governments a daily digest of your everyday life. Security researcher Jacob Appelbaum has described cellphones as tracking devices that also happen to make phone calls. If you're not happy with the idea of an intelligence agency following your footsteps across town, leave the phone at home.
The Wall Street Journal says the NSA is monitoring American credit card records in addition to phone calls. Some cybercriminals can use the same methods. So stick to cash, or, if you're more adventurous, use electronic currencies to move your money around if you want total privacy.
Disadvantages: Credit cards are a mainstay of the world payment system, so washing your hands of plastic money is among the most difficult moves you can make. In any case, some cybercurrency systems offer only limited protection from government snooping and many carry significant risks. The value of Bitcoin, one of the better-known forms of electronic cash, has oscillated wildly, while users of another popular online iPhone headset, Liberty Reserve, were left out of pocket after the company behind it was busted by international law enforcement.
US companies are subject to US law, including the Patriot Act, whose interpretations are classified. Although the exact parameters of the PRISM data mining program revealed by the Guardian and The Washington Post remain up for debate, what we do know is that a variety of law enforcement officials - not just at the NSA - can secretly demand your electronic records without a warrant through an instrument known as a National Security Letter. Such silent requests are made by the thousands every year.
If you don't like the sound of that, your best bet is to park your data in a European country, where privacy protections tend to be stronger.
Disadvantages: Silicon Valley's internet service providers tend to be better and cheaper than their foreign counterparts. What's more, there's no guarantee that European spy agencies don't have NSA-like surveillance arrangements with their own companies. When hunting for a safe place to stash your data, look for smaller countries with robust human rights records. Iceland, long a hangout for WikiLeaks activists, might be a good bet.
Former officials don't appear to contradict him. Ex-NSA chief Michael Hayden described it as "commuting to where the information is stored and extracting the information from the adversaries' network." In a recent interview with Bloomberg Businessweek, he boasted that "we are the best at doing it. Period."
Malicious software used by hackers can be extremely hard to spot. But installing an antivirus programme, avoiding attachments, frequently changing passwords, dodging suspicious websites, creating a firewall, and always making sure your software is up to date is a good start.
沒有留言:
張貼留言