It seems the topic for this series of posts just keeps expanding – I guess I added too much yeast ;-). What started as a single post had to be broken up into what I thought would need to be four to let me get the first one out, and now I’ve been stewing on this second one for a few weeks and there is at least one other part I have decided to break out into a later post to let this one actually be done. The topic for that one will become clear below.
This second in the “going dark” series focuses on what I’m doing / thinking about doing to mute or mask the signals I give off to marketers and others that might be interested in what I am doing online in my “full featured” computing environments, namely the various desktops and laptops I use.
To rehash an important point from the previous post: my aim here is NOT to become invisible nor do I think that I do anything that would be of particular interest to anyone. It is a matter of principle. I feel that I need to exercise my right to privacy, even if I know I won’t be completely successful in doing so. It’s through the exercise of our rights that we actually claim them. By taking some of the steps in this post I am making it clear that I expect to have a certain level of privacy, and the courts have made clear that expectations are a big part of what is ruled as private vs. public.
I look at the precautions here for privacy the same way that I look at arming myself for personal protection: do I expect to be able to defeat all attacks because I regularly keep and bear arms? Of course not. But I do expect that because I exercise that right, that it puts me down in the column of people that actually care that they have that right. I have an expectation of being able to defend myself because I make preparations to do so. Through what’s listed here, I am declaring that I have an expectation of privacy, with full knowledge that if someone really wants to know what I am up to they can find out without too much trouble.
With that out of the way, let’s start the meat of this post from the point that actually creates the possibility of privacy issues: the network itself. This breaks down to two aspects: from the home to the rest of the net and the subnet within the home.
First, from the home to the series of tubes, I am likely stuck with cable for internet access, but I’m not sure that matters since every large scale provider logs all traffic and as Snowden showed us they have no problem sharing with the NSA. The two viable routes around provider logging that I have been able to find are VPN (costs $) or Tor. I still need to dig into this a bit deeper, but from what I can tell, the VPN based approach creates a dependency on your VPN provider to not keep logs or give access to anyone that might want logs. There are some VPN providers with long and solid track records, but it still seems to be a single point of failure. On the other hand, Tor (in addition to being free) is a distributed anonymizing network so there is no one single point of failure. However, there are rumors that exit nodes on the Tor network (the nodes that get to see what you are requesting and have some info on who you are – at least your IP address) have been compromised or have even been set up by different governmental agencies around the world. This one is a toss-up still. I will probably start with Tor since it’s free and I can set up a spare Raspberry Pi I have sitting around to act as a basic anonymizing machine for all traffic that connects through it and look more seriously at VPN if I can’t get that to do what I want or if in testing it proves to be less private than I expect. If you are interested in this approach but don’t want to build your own Onion Pi to do it, the market will provide.
Within the home, I am currently using a combination of wired and wireless connections. There are a few “dumb” switches for the wired connections, but everything comes together in an Apple Airport Express before connecting to the cable modem. Even before this recent privacy awakening, I’ve been getting more things on the wired network, mainly for performance reasons. Wireless has been getting faster, but it’s not really or at least not consistently 1 Gbps. The jury is still out on the Airport, but if it stays in the scheme it will be relegated to second tier status, with the brains of the network being filled by a dedicated machine running IPFire. As long as I can keep that machine from being compromised, it should give me excellent control. As I get more comfortable with it, I will set up all four zones – adding orange (DMZ for servers) and blue (wireless) after I get the red (internet) and green (wired intranet) working together. I just need to find a cheap desktop in the pile somewhere to get that up and running. I will probably get another raspi and build one of these to test network security – just for the fun of it.
With a few steps to secure the network, next I need to secure what I connect to the network. There will (hopefully) be a later post about mobile and other devices, so as I said before this post is focused on full featured computing = desktops or laptops.
I regularly use two PCs every day from my home office: my personal MacBook Pro from mid 2009 and a newly issued Surface Pro 3 for work. I am certain without even checking that my work machine is laden with all sorts of monitoring software and that every site visited and email sent goes down in my “permanent record”. I am OK with all of that since that machine and everything on it is their property – they have every right (and I am sure I agreed to such monitoring in some employment agreement somewhere) to watch what goes on there.
So that leaves the personal MBP to worry about, and I’m going to look at it from two aspects: the hardware and the software. From a hardware perspective there are a few “privacy points” I could gain by switching to a different platform, but I would likely have to build a PC from parts to skip including things like a camera, wifi or built in microphones or speakers. Not sure it’s worth it, but am keeping it out there as an option. The more obvious, but more difficult, switch I need to make to increase privacy is on the software side. While it’s true that OSX is “related to” Linux, that doesn’t necessarily make it secure. In fact, the folks in Cupertino seem to use that to build in privacy compromises (another example here). The downside to any move away from OSX is the applications and overall user experience. Try as I might I just haven’t been able to find an overall experience that approaches OSX on another software platform, Linux or Windows.
So what’s the plan for base hardware and OS? I think I will take a page out of the NSA’s book and run two machines, or at least two separate environments. In the Peace Revolution Podcast that kicked this whole thing off, there is an interview where someone from the NSA first realizes something is terribly wrong when he sees some of the documents Snowden leaked on his public / non-classified PC – he should normally only see those on his work / classified PC. It was a side comment, but it got me to thinking that might not be a bad approach: leave my Mac for desktop focused applications (iMovie, iPhoto, Adobe, etc) with perhaps even an intermittent network connection (only when needed) and run a separate environment in a dual boot setup or maybe even on separate hardware for network tasks – email, browsing, blogging, etc. There are security and privacy specific Linux builds out there, but I will probably start with something a bit simpler.
By using TAILS for my regular network related tasks, I also relieve another major privacy hole from my current compute stack: Chrome. I made the switch to Chrome about 18 months ago. I was lured by the speed and stayed for the cross platform syncing and plugins. The fact that Google gets to see everything I do on the internet all the time was a minor inconvenience at first, but one that is more important in light of my current goal of creating an expectation of privacy.
Which (at 1500 words and counting) brings me to the part of this post that I mentioned at the start will have to be its own post for another day: what sites I use in that non-Chrome browser. It does no good to erect a privacy fence between me and my ISP, potential hackers and government agencies, if I then go out and immediately log in to my Google account. I am trying a one month hiatus from Facebook, motivated by my newfound interest in privacy as well as a test to see what I lose by not being there – and more importantly, what I gain (this post will still send a ping there – it’s automatic – I wasn’t on the site and my hiatus is still in effect). It’s also an easy test since it’s just one site and a few apps – none of which are “mission critical”. Google’s application set is another story: search, email, docs, authenticator, apps, Google+ and probably 10 more I can’t think of right now. No attempt to establish an expectation of privacy on the internet is complete without a complete divorce from Google. And that’s going to take some thinking…and another post.