The documents leaked by NSA whistle-blower Edward Snowden illustrated the startling reach of the West’s biggest intelligence agencies, and one revelation in particular sticks out. We learned that the agencies collaborated with technology companies to deliberately weaken widely used security tools, making it easier to spy on the public.
That’s big. From email up to online banking, it’s simply no longer safe to assume anything about the security of your data – except that you’re probably not the only one who has access to it. Whether or not you’re on their radar, your activity may be sucked up indiscriminately by intelligence services, who have made it their right to know what you know – for your own good, of course.
One consequence of such invasion is that average users are increasingly turning to open-source privacy tools. Much more transparent and often independently audited, they can’t be subverted as easily as a proprietary tool, making them the best means of retaining a bit of privacy in your online activities.
Stay private online: Encryption
We know the NSA and GCHQ have collaborated with technology companies to install backdoors into security products, so it’s fairly safe to assume any proprietary encryption solution is compromised.
That means no more BitLocker, even though it’s highly convenient as it comes with some versions of Windows. Instead, we recommend you use the open-source TrueCrypt to encrypt your data.
It’s a powerful tool, offering volume, partition and drive encryption, as well as the ability to set up additional hidden volumes or even an entire hidden OS. That means if you’re compelled to reveal your main encryption password for whatever reason, any hidden volume will remain safely encrypted and undetectable inside the visible volume. Thinks of it as a saferoom within a saferoom.
You can download TrueCrypt from www.truecrypt.org and install it to your PC. To set up an encrypted area in which to store your most important files, first launch TrueCrypt, then click Create Volume and choose “Create an encrypted file container”.
You’ll be offered the option of making a hidden volume; these must be created inside an existing standard TrueCrypt volume, so for now just choose Standard.
Click Select File and choose a location and a file name for your new TrueCrypt container; don’t use a file name that already exists, or it will be overwritten by the new container. Choose your encryption and hash algorithm – novices can safely stick to the defaults – then choose the size of your container and a suitably strong password. The final step is important: when prompted, randomly move your mouse around the TrueCrypt window for at least 30 seconds – the longer you move, the stronger the encryption – and that’s your container created.
To use it, go back to the TrueCrypt home screen, choose any spare drive letter and select your container file from the Volume dropdown, then click Mount. Enter your password, and the volume will appear in Windows Explorer like any other drive. Drag a file into it and it will be automatically encrypted and added to the container; open an encrypted file and it will be decrypted temporarily in your PC’s RAM. When you’re done with your container, just click Dismount and it will disappear, safely locked from prying eyes.
There’s lots more you can do from there. You could create a hidden volume inside your standard volume, and you can encrypt a partition or full OS using similar steps to creating a container. It’s all well documented both in the software and on the TrueCrypt website.
Stay private online: Web browsing
Tor is a free and open virtual network that bounces communications around the world to prevent sites from learning your physical location. It forms the basis of a range of security applications, the most common of which is the increasingly popular Tor browser. It’s based on a modified Firefox release, so it’s easy to get to grips with, and if you follow some simple precautions it will grant you a level of anonymity while you browse.
To set it up, just go to www.torproject.org and download the Tor Browser Bundle, which contains all the required tools. Run the downloaded file, choose an extraction location, then open the folder and click Start Tor Browser. That’s it. The Vidalia Control Panel will automatically handle the randomised network setup and, when Tor is ready, the browser will open; just close it again to disconnect from the network.
It won’t quite be browsing as usual, as the Tor browser is necessarily stripped of many of Firefox’s modern trimmings. Plugins, such as Flash and QuickTime, are blocked by default as they can reveal your non-Tor IP address, as can opening any downloaded document that’s handled by an external application such as Word. The makers strongly advise against using BitTorrent over Tor as well. Don’t go switching to Chrome, though: Tor is not protecting your PC’s internet traffic, only the traffic that goes via the Tor Browser, so it’s no good just having Tor running in the background. It isn’t a VPN client. See also: How to set up a VPN using Hotspot Shield.
Because of these restrictions, not to mention the reduced speed of browsing as data flies around the world en route to your PC, it’s really not practical to use Tor for everything online. It’s fine to keep using your current browser for everyday online activities – if you want to make it a bit more private, search with DuckDuckGo.com instead of Google – but try to at least get into the habit of switching to Tor when it’s time to do your banking, shopping or any other sensitive tasks.
Next page: encrypt your emails, instant messages and clean your hard disk