If you are a frequent visitor to SurvivalBlog then I do not need to explain why the subject matter may be of importance. There are several previous posts that cover somewhat related information that I will reference and expand upon.
First, the disclaimers: I am not a data security expert. I could not blind you with science nor expertly baffle you with Bravo Sierra. However, I have been directly involved in the Internet related software business for almost 20 years. I have spent many hours a day for almost two decades using the internet and watching it evolve. During that time, especially since 9/11, I have also watched the watchers watching more of everything we do.
The second disclaimer is the software or services I mention below may not be legal in all countries. While currently legal in the US, the FBI recently sent a flyer to all Internet cafes and coffee shops warning that a number of quite normal and legal behaviors should be considered a "potential indicator of terrorist activity" and should be reported.
Hopefully the information contained herein will help you maintain the small amount of privacy you have left when it comes to the data on your computer and your online activities. The caveat being this – there is no such thing as perfect security or absolute privacy. Pretty much any code or encryption can be broken if someone has the resources and the motivation to do such.
There are certainly many more options available than I will cover here, but I wanted to keep this as simple as possible so anyone with more than rudimentary computer skills can implement whatever measures they deem necessary. I will cover the areas of securing data you keep (files, folders, etc), securing e-mails, IM and chats, protecting your identity while browsing and also making secure voice and video calls. However, the first thing I have to talk about is using some common sense.
Yes, an invasive government has the resources to electronically monitor any and all communications and to break almost any type of code or encryption. However, that does not mean they have the resources to manually analyze every single phone call, e-mail, chat, purchase or web browsing habits of every single person on Earth. Just because you may visit sites deemed threatening to TPTB or you have purchased a survival knife online doesn’t mean you are a high priority target on some watch list.
So here is the common sense part: don’t make yourself a high priority target. Try to exercise a degree of discretion and intelligence if you find it necessary to make posts online or send e-mails. I have to shake my head in disbelief when I see people making inflammatory posts online. Such posts are filled with threats, anti-government or violence inciting rhetoric. Such "keywords" will get someone’s attention. The bottom line is this: unless you are one of the very brave souls that have chosen to take a public stand, to offer constructive ways to adapt to and survive the rapidly changing world we live in, it’s best to draw as little attention to yourself as possible. Try to keep your emotions at bay when posting online, because once you put it out there, it is there forever.
We all have data we need to keep and a lot of it should be secured in some manner – such as scanned copies of your important papers (birth certificates, passports, driver’s license and such), supply lists, maps, routes – you get the picture. Any unsecured data on an Internet connected (or confiscated) computer is a security risk. Trojans, Viruses, Key-Loggers, Malware, Drive-by Downloads all pose the risk of exposing your data. I won’t discuss the need to keep your anti-virus and/or anti-malware software up-to-date because if you aren’t doing that – the rest of this information won’t do you much good. Below I will cover several aspects of data security from the simplest to the more complex.
The first rule is to not to keep your sensitive data on your computer’s hard drive in the first place. Flash drives (USB thumb drives) are inexpensive and can hold a tremendous amount of data. Keep your sensitive data on a flash drive, or better yet, a Micro SDHC card. For around $15 you can get a 16GB Micro SDHC card with SD adapter. You will probably need the adapter because the actual data card is smaller than your pinkie fingernail and about as thick – it can be hidden anywhere. If your computer doesn’t have a flash card reader, then you can get an external card reader for less than $15.
File Encryption Using a Password
Again, I won’t cover all possible options in this post, just the quick, easy and less complex solutions I have found and since Windows is the most prevalent operating system, I will limit software references to that unless noted – you can probably find similar solutions for Macs or Linux machines. For quick encryption of one or more files, dsCrypt is a free AES/Rijndael file encryption software with simple, multi-file, drag-and-drop operations. All you do is download/save the 25kB .exe file and double-click to launch – it doesn’t have to be installed – the file you download is the program itself – which means it can also be used from portable media.
If you have a lot of files you need to secure, you may want to look at TrueCrypt, a free open-source disk encryption software for Windows, Mac and Linux. TrueCrypt creates a virtual encrypted disk within a single file which can be mounted as a real disk. This file can be created anywhere on your hard drive or portable media. Anything saved to this "disk" is automatically encrypted. This solution requires a multi-step installation – but is well worth it. I suggest you keep the disk space allocated to something reasonable because it cannot be undone without formatting the drive.
To exchange encrypted files with others, there are some free solutions available that offer high levels of encryption. The only caveat is the recipients also need the same software installed and the password used to unencrypt the files – not a huge price to pay for a bit of security.
- Encrypt Files is a very easy to use for files or entire folders
- dsCrypt – (great for portable media)
- MEO Encryption is a great free program for files and e-mail. Actually, after playing with MEO for a bit, it is quickly moving to the top of my list.
Finally is the area of obsolete or replaced drives. Formatting a drive does NOT delete the data – it can be fully recovered with simple software. Most drives I replace will not be reused because they are old technology. I used to take a sledge hammer to them, but now use a drill press and put a ½" hole all the way through the case and platters. However, if that’s not your style – you might want to look at Boot and Nuke. You have to create a CD or DVD from the downloaded .iso file, but then you simply re-boot using that disc and the hard drive will be wiped clean to DoD/NSA disc over-writing standards.
Also, simply deleting a file/folder – even after emptying your recycle bin – does not protect that data. It can be recovered unless you use a file shredder program. A good free one can be downloaded from Fileshredder.org/
Every e-mail you send will go through numerous servers before it is delivered (usually 10-15 different servers). Your message can be read, scanned or copied at any step in that route. Referring back to the section on using common sense – be mindful of what words or phrases you use because you might garner someone’s attention – other than your intended recipient.
One partial solution is to use a web-based "secure" e-mail service. Such services encrypt your messages before sending but the thing to keep in mind is any time you rely on a third-party service or server, your messages aren’t really secure. However, some security is better than no security so here are some of the free secure email services you might want to check out:
For much better security, your best bet is to encrypt messages before you send them. This can easily be done using MEO Encryption (mentioned previously for encrypting files) which can be used with your existing e-mail server.
To quickly encrypt a simple text file to send, LockNote is a good way to go.
For those worried that by simply sending encrypted files or messages will draw unwanted attention, how about encoding short messages into a standard image file? This can be done with 4t HIT Mail Privacy Lite