21 Mar 2012
If you’re reading this article on a screen instead of paper, then you should be concerned about your privacy and freedom of speech online.
Whether you’re an activist, or an owner of a huge farm on Farmville - the popular game on facebook - you spend a lot of your time online. Thus, more and more of your life is slowly conducted in a digital medium. Amazon is now selling more ebooks than printed books. When was the last time you actually printed a photograph, or browsed through a physical photo Album?
It’s a jungle out there
Our increased use of the Internet and digital mediums in general has attracted all kinds of unwanted attention; from governments, both democratic and authoritarian, to advertisers, researchers, and criminals. Suddenly, or not so suddenly, walls no longer provide the privacy and protection they used to offer.
As a human being you have inalienable rights to freedom of expression, and privacy. Those rights apply both in the real world and online.
The problem is, those rights are increasingly being jeopardized and violated by various actors. Governments want to keep track of their citizens; dictators constantly spy on political opponents and activists; advertisers are utilizing increasingly invasive data mining technologies; and cyber-criminals are attempting to steal your identity, money, or information. Data is a hot commodity, and the market for it is huge.
The widow of a Nigerian general isn’t going to split $23 million with you. Your government is gathering more information about your online activity than they need or have right to collect. That private facebook message you sent last week is hardly as private as you think it is.
What you can should do about it
Don’t panic! Fine... you can panic a little, but you are not alone, and there are various ways you can protect yourself online.
First thing to learn is that your online communication can NEVER be 100% secure. No matter what you use, if there’s a party that wants that information and has the right resources and skills to retrieve it, they will find a way. The sooner you realize that, the better equipped you are to prepare and protect yourself.
Disclaimer. Before we dig into some technical details, it’s important that you know I’m in no way a security expert. I’m merely an activist with some experience working in hostile environments and a healthy amount of paranoia. When in doubt about any of the info here, ask an expert. The info in this guide of sorts will become outdated quicker than you’d like.
Safer practices for the digital age
Keep your software up to date. This one seems like common sense, but it evidently isn’t. The average user’s first instinct is to dismiss any update notifications. This is extremely risky. Updates often include security updates and patches to the programs and operating systems you’re using. Ignoring and/or postponing updates puts your computer at risk of falling to spyware and other malware that would allow a hacker full control of your device. Next time there’s a popup notifying you of an update, save your work, accept the update, and go make yourself a drink while it installs. .
Be on top of your social network privacy settings: Is your FB friends list private? Can everyone see your photo albums? How much of your timeline is totally public? Is it necessary to accept a friend request from everyone that sends you one? Do your tweets attach location automatically? Is your smartphone tagging geographical data to your photos? You catch my drift. .
HTTPS/SSL: Using https ensures that your connection to the site you’re using is encrypted, otherwise, it’s extremely easy to spy on your data and even gain temporary access to your online accounts like email or social networks. The risk of that is higher when you’re using public WiFi networks.Different website have different standards for SSL; Gmail has it by default, Hotmail offers it as an option, while Yahoo! mail recklessly does not offer it as an option at all. The best way to make sure you use HTTPS wherever possible on popular sites is to download and install the HTTPS Everywhere browser plugin for Firefox and Chrome from the Electronic Frontier Foundation. .
Use TOR if you’re in a hostile environment. TOR is a suite of tools that allows you to encrypt and anonymize your online traffic by bouncing it through multiple relays. It offers some of the best protection you can hope to get online, but remember that nothing is bullet-proof. Download TOR and learn more about it here. .
Encrypt your devices. This includes your computer’s hard drives both internal and external, USB thumb drives, and even smartphone. Encrypting your storage guarantees that your information would be secure in case your devices are lost, stolen, or confiscated. Some operating systems like Windows 7 Ultimate and Android 4.0 (for smart-phones) provide encryption as an option without the need for additional software. You can always get free software like TrueCrypt for Windows, Linux, and Mac to encrypt your storage. .
Encrypt your chat. Pidgin is a popular instant messaging client that works on Windows, Mac, and Linux and supports various instant messaging services like Google Talk, MSN Messenger (Windows Live Messenger), and Yahoo chat among others. You can install OTR (off the record) plugin for pidgin and configure it to encrypt the messages you exchange with other users. Both parties need to have the plugin installed and activated.
You are encouraged to learn more on the topic by reading the guides linked below. Keep in mind that this sphere is rapidly changing; keeping yourself secure online is an ongoing learning process.
Digital Survival Guide. Tactical Technology Collective
Anonymous Blogging with WordPress & Tor. Global Voices Advocacy
*This post is inspired by the crackdown on netizens in “Arab Spring” countries, as well as a recent panel I spoke on under the title “Breaking Through Internet Censorship.” You can read more about the panel here, and here.