Privacy and Security 101

OVER THE PAST COUPLE WEEKS, THERE IS A RENEWED INTEREST IN PERSONAL PRIVACY AND SECURITY. Regardless of why, you’re suddenly a little more interested in protecting yourself from someone else’s snooping and you find yourself here, on my humble site, looking for a little help. Over the next several posts, I will do my best to give you a crash course in privacy, with as little of that “inside bullshit jargon that nobody understands”.

First off, you may hear some people saying, “Well, you should have been worried about this a long time ago.” Never mind that. We all have to start sometime, and for some reason. This is where you are now, and lamenting that you did not start sooner will not help anyone. So no shame here, just information to get you started and thinking the right way to secure your data.

It also doesn’t matter why you got here. Maybe you’re worried about the new US Executive branch and the potential for abuse of the country’s massive intelligence infrastructure. Maybe you’re concerned just that the three-letter agencies exist and have as much reach as they do, regardless of who is holding the reins. You could be well outside the US, anticipating local changes, or maybe headed that way and trying to protect yourself. And maybe you just don’t want every company knowing all your favorite books, movies, foods, and every other detail about your life. Your reasons are your own, and they do not matter to me.

My philosophy is that you should prepare for the worst possible scenario, and then fervently hope that you were being excessively paranoid and everything turns out OK. I would rather spend a little money and over-plan than find out later that I’m completely unprepared because I deluded myself into thinking that something could never happen. I don’t want to make my entire life be about prepping, but I also want to have things in place when the shit hits the fan.

From here on in, I am going to assume that you are aiming to protect yourself from a government, not just from a “normal” person with normal resources. This means that some of what I get into, like anonymous money and mobile phones, may appear to veer into full-on, tin foil hat wearing conspiracy theory. This is because I have been in the technology industry for many years, I have worked in big data for the last several, Internet security before that, and I have a very good idea of what is possible.

This series is going to start with a basic overview of surveillance and privacy, to get us thinking in the right direction. Before we can talk about specific steps to take in order to protect ourselves and our data, it’s important to understand why we are doing it, and what we are trying to protect against.

After that introduction, the posts will cover some very specific things you can do to build up privacy and security around what you do. Some of these things will be easy, every day things like managing passwords properly, or using a web browser more securely. Some will be a bit harder, like setting up encrypted devices and emails. Some you may find are a little too much, like maintaining a burn phone. Choose the pieces that work for you, but I encourage you to read and think over each one.

Tools that I recommend using will mostly be things that I am familiar with, use myself, and have evaluated thoroughly. Many of them will be open source, which means that I am partly relying on people smarter than me who have reviewed and contributed to the application. I encourage discussion in the comments on things that I have missed, alternatives, and additional useful tips. Please avoid being inflammatory, such as making political statements, as it has very little relevance. I’d also ask you to refrain from hand-wavy warnings, like “X contributed money to that open source project, so it can’t be trusted.” Specifics, please.

Up First: Understanding Surveillance