
I don't really think ordinary people (and rich people TBF) can completely defend themselves against any state player.

Anonymous guides I read mostly recommend Tor, anonymous sim card and purchasing electronics with cash. But I don't think it's going to render any state player's work impossible. I mean if they are really onto you.

On the other side, three char agencies cannot waste resources on every individual, so the best way is to stay out of the radar.




If one's threat model includes state actors that target that person then all regular methods are useless. The best we can do is to protect against passive attacks and that's where PGP, double ratchet schemes, Tor etc come in handy.

Protection from the Nation State Actors cannot come from companies. One must implement protections on one's own client-side. Proper encryption always. Tor when needed. Software and, where possible, hardware only from trusted sources.

Presuming you are being pursued by a state actor, isn't using a computer at a library or Internet cafe enough to thwart most of that? Especially if you're using asynchronous store-and-forward protocols like NNTP or Freenet, where you can be long-gone from wherever the computer you used was, before anyone else ever sees "your" activity.

There are no shades of grey here - state actors have access to every internet node, fibre optic cables, operating systems and hardware.

So unless you take your time to build your own CPU, main board and modem and only use your own private direct fibre connection, you're a potential target for being spied on.

It's as simple as that. You can make things harder by encrypting your traffic, but that's possible regardless of where your Tor relay is located at. And even then some crypto algos are known to have been deliberately weakened by intelligence agencies so you best be a crypto expert as well if you're really that paranoid.

The irony is that most (not all!) people who are ever so concerned about these things still use their smartphones (even though EVERY GSM/UMTS/4G protocol has been hacked at this point and is thus insecure), use cloud computing (either directly or indirectly via 3rd party services like Uber) and post on social networks.

The only computer that is safe from attacks is not connected to any network and only ever used in a windowless room surrounded by reinforced concrete walls.

The only information that is truly private is information you don't share in the first place.


If you are an American citizen who is not against American interests, sure, go with iOS Lockdown Mode. They won’t come after you. If you’re not, then you can get an open-source OS device like GrapheneOS, be careful not to emit any information to the internet except over anonymity networks like Tor, and use E2E messengers in your day to day comms for your baseline security for today. I don’t know what will happen when AIs will be able to identify any person from a paragraph of text they’ve written. Best to move to a place where no technological State exists and live self-sufficiently then, maybe. Still you’ll be visible to satellites and thus targetable for States, unless you live on hydroponics in an underground mine or something.

For people who are targeted or in risk of being targeted by three letter agencies, it’s a different story.

It’s so easy for any three letter agency to install a mole or buy someone in those open-source projects like GrapheneOS, for example to publish compromised binaries. The best option is always to not use anything connected to the cell (GSM, 4G, 5G etc.) network and carry all comms encrypted over internet, with pre-exchanged secret keys and preferably over a network like I2P and over public Wi-Fis. You can use I2P outproxies to connect to visible (normal) internet. I do NOT recommend Tor, there were reports of Tor being compromised and it’s too suspiciously popular to be trustable IMHO. Pay attention to CCTV cameras as well, don’t sit in a mall to connect its public Wi-Fi. All these things obviously introduce a lot of friction to your communications, but if you are such a high-value person you should have set up your network of people accordingly beforehand as well, to relay messages and such. QubesOS is a good OS for such people. If you have the means, custom device solutions to communicate over radio with encryption is by far the best option you can have, especially for receiving critical comms on time. This only leaves the risk of triangulation when you transmit, but you must be a really high value target for this to happen. And you can always still use internet as I described to transmit.

Don’t ask how I know all this.


You can't, if you become a target of any larger nation state actors you can't do much about it. Best efforts, hope that you are not interesting enough. Listen to this recent episode of Darknet Diaries.

https://darknetdiaries.com/episode/48/

There is an interesting quote from some bigshot Microsoft guy about how to defend against it. (you don't)


If you want to protect yourself, assume that the local corrupt people are not morons and learn how to use Tor and the other privacy tools.

Protecting your end users may be more complicated.


If a state intelligence agency is targeting you, there's just really not a lot you can do at that point. But ephemeral9235's suggestions should work OK to avoid handing over all your personal data at the border.

lose yer phone.

if your computing devices have cameras and microphones, disconnect them.

do not use credit cards or online payment systems. cash, grass, or ass.

... and they'll still know anything they care to about you; and failing that will make up anything they need, should anyone with access to the levers of power decide that you are a worthy target, for whatever reason.


Create rogue TOR nodes

Use TOR for menial stuff to create background noise

Regularly trade laptops and phones with like-minded individuals

Assume you've been breached and that the government has full attention to you

Be as paranoid as possible, any step towards lack of freedom for the sake of convenience is unretracheable


This is an excellent post, but I want to point out that what really matters here is your threat model.

If you are trying to hide from the NSA or other nation states, you have a LOT of work cut out for you. There are basically two sub threat models: are you trying to hide from the dragnet (in which case, just using any obscure and relatively obfuscated communications mechanism will work) or the scenario in which you’re being actively targeted (in which case you need rock solid security from end to end). Keep in mind that the Security version of https://en.m.wikipedia.org/wiki/Analog_hole means the security of your networked device is just as important as your messaging protocol, and… good luck with that on mobile.

If you are just a small fish trying to avoid something with a court-admissible record (and don’t care about parallel construction) you’re probably fine with Signal, provided you understand that your counterparty can just give you up.

I hate to bring out the “nothing to hide” argument because I disagree with its premise from a moral standpoint, but from a practical standpoint, I recommend avoiding having “directly targeted by the NSA and needing to avoid it” as your threat model to begin with.


> Companies can still track me, my data's still out there.

It's not all or nothing. Like any security (and confidentiality is one of the three pillars of security), there's no perfect solution but you can make it more costly for attackers. A few things that help for little cost:

* Use a pre-paid phone plan; don't give your identity to the telco. (Maybe not possible in all countries.)

* Use a VPN and/or Tor. Protect your browsing habits from your ISP.

* Use an ad-blocker or something like uMatrix to stop most tracking

* Pay for things with cash when possible. If it was invented today, we'd all be impressed with the technology: Complete trust between strangers, anonymous financial transactions - all implemented in paper; no encryption needed.

* Use one of the many anonymous, confidential communication services for chat, text and voice.

But I agree that the answer is in the law, not technical means.


Because it is always possible you will fail your Tor discipline, I would add some defense-in-depth aspects, in case your browser is compromised and your network address is revealed.

- Use separate hardware. A cheap laptop and a cheap phone.

- Burn the receipt and chuck the packaging.

- Cash. Pay in cash.

- Buy from small stores with no CCTV, or better yet, from people like migrant workers.

- You can buy stored value cards (debit cards) without ID, and some you can load with cash at ATMs. (Also good to buy from travellers.)

- Once you have a debit card you can pay for data without going to a store.

- If you turn on your Wifi tethering and other devices are in range you have created an event in their logs. Just use a cable. If you must, change the SSID regularly and use Android 6 which has MAC randomisation. Never have any other SSIDs saved, especially not your home network.

- Turn the phone off when not in use. Removing the battery is advisable.

- Don't connect to 3G near your home or work or where there is pervasive CCTV or not many people.

- If your commute is logged (via your cellphone, number plate recognition / tolling, personally identified public transport like Oyster cards) then your location can be correlated against when your persona was online.

- It might seem that transmitting from different locations is a good idea. But not really, it gives a more unique history.

- Run Tor on the laptop. Run nothing on the phone, it's just a radio.

- If you want to use Signal, get another burner phone.

- Invest in some numbered wafer seals or tamper bags. Keep your kit in them when cached.

- Don't tell fibs to federal agents. Record all interactions with them.


The first thing to do is answer: what's your threat vector? What are you trying to protect against? And the second thing is to answer: what are you willing to give up?

The best way is, of course, to not use technology. But that's not worth it to most folks.

If your threat vector is general dragnet government surveillance over the entire populace, you're fighting against shadows. Basically all we know of these techniques comes from Snowden. Assume all internet data is logged, whether encrypted or not, and they have direct access to the ISP infrastructure. Room 641A shows the USA has been at this since 2006[0]. Even if your messages are encrypted, it's possible the agency has a 0day. For example, the NSA had decrypted all BBM traffic which was advertised as encrypted. The lesson here is avoid new and popular tools. Instead, just use PGP or other arcane yet reliable encryption methods. If everyone used PGP, I bet the NSA would exploit it too. Don't use a smart phone at all. Using bootable Linux USB of something like Tails on a public computer is probably the best bet, but unsustainable. Even Tails and TOR aren't perfect but they're miles better than Windows, Mac, ChromeOS.

If your threat vector is a specific intelligence agency spying on you (i.e. an APT), you have already lost. I don't think it even makes sense to try and protect against this level of threat. It's like worrying about a tank coming through your front door.

If your threat vector is private companies spying on you (be it Facebooks or even private intelligence companies), you have a lot more power here. Besides ISPs, private companies don't own the infrastructure and are not legally allowed to use 0days like the NSA is. In general, end to end encryption is sufficient here.

It's all a sliding scale of compromise between security and convenience.

[0] https://en.wikipedia.org/wiki/Room_641A


Since we're in the mood for unsolicited amateur advice on how to communicate with regard to criminal acts...

I generally try to leave organised crime to organised crime syndicates. And governments, of course.

If you have to do any anonymous communication, with people you can't authenticate the identity of, over the internet, you're doing crime wrong, should assume the other party is a government plant / agent / honeypot, and should quit while you're ahead. Preferably before you start.


If your adversary is state actors with deep pockets or the NSA, you've lost already. No amount of opsec cosplay is going to save you.

Your solution?

* Magical amulets?

* Fake your own death, move into a submarine?

* YOU’RE STILL GONNA BE MOSSAD’ED UPON

https://www.usenix.org/system/files/1401_08-12_mickens.pdf


Thanks, this is super helpful.

Do you think it's possible to have real privacy/security for someone who faces state suppression a la Edward Snowden?


Absolutely no control?

Don't use social media and lock down your browser to limit fingerprinting. Your remaining big threats are phone apps and traditional data brokers profiling your credit card usage. Cut out all unnecessary apps, block everything else with a firewall and pay cash. You will then be far more opaque to the private surveillance apparatus than most first-worlders.


This seems like an excellent list on first glance. Is there a similar "practical advice" type of list?

Sadly, I tried to imagine I'd need to be as anonymous as possible and couldn't even figure out how to get an untraceable email address (legally). My basic thought was to use some public WLAN (hoping for no MiTM), ideally not close to where I actually live and then use Tor to create a Hushmail account (as I recall the EFF recommends it). Alas it seems that's already flawed since a quick websearch suggests Hushmail cooperates with government agencies.

Admittedly I haven't spent a lot of time researching available options but I think it's pretty hard to even get step 1 right. I can only imagine how hard it must be for someone who isn't tech savvy at all.
