How To Get Out Of PRISM and Avoid NSA Spying

ibnanv

Well-known member
  • Jun 27, 2009
    3,986
    257
    83
    http://siliconangle.com/blog/2013/0...oid-nsa-spying/?angle=silicon&link=mostrecent

    How To Get Out Of PRISM and Avoid NSA Spying



    inShare5​


    Admittedly, most people don’t seem to give a toss about PRISM one way or the other. But you should, and not just because certain groups claim that the NSA’s spying could be unconstitutional – there are lots of reasons why the alleged complicity of US tech firms could be bad for America, and no one wants to live in an Orwellian Dystopia, which is what could happen if we never take a stand.
    So with this in mind, is there any way to avoid the all-encompassing dragnet that the NSA has admitted to running?
    You bet there is, and today we’re about to reveal how. Now bear in mind that avoiding PRISM means avoiding those services which allegedly collaborate with the NSA, so it’s going to be a major pain in the beginning – and yet, it’s definitely possible to do. Think of it as a steep learning curve; you can live without Google, Microsoft, Skype et al., but it’ll take some motivation on your part to stick to the plan.
    1: Mask Your IP


    First things first, we’re going to want to hide our IP address. We can do so one of two ways – either by using an anonymizing tool like Tor, or by connecting to the net with a Virtual Private Network (VPN). The way these tools work is by encrypting your internet sessions via an external server (in the case of Tor, it bounces around several servers), thus protecting your own computer from being logged when you visit various websites. Even so, we should be wary that these solutions won’t protect us from behemoths like Facebook and Google once you log in, given that your identity is linked to your account anyway (yes, you’re basically a number).

    2: Ditch The Tech Giants



    This is harder, and basically it all comes down to ditching any service belonging to Google, Apple, Facebook, Microsoft, Yahoo etc. In fact, pretty much any major tech company should be considered suspect, because we can’t even be sure if these are complicit or not – the Feds might have some backdoor they don’t know about.
    Thankfully, Twitter user and self-proclaimed digital nomad Peng Zhong has come up with a handy list of services on his PRISM Break website that are free from NSA interference. Feel free to try any on the list, but here are my personal favorites:
    For your web browsing purposes, you can’t really go wrong with Mozilla Firefox. Not only has the Mozilla Foundation started a petition denouncing PRISM, but there’s a range of powerful add-ons you can install to protect your browsing, including DoNotTrackMe, Google Privacy, Privacy Protector and more. Alternatively, there’s the Tor browser (feels a lot like Chrome, by the way) which comes with built-in encryption.
    When it comes to searching, believe it or not, you really can live without Google. Few people realize that there are plenty of great alternative search engines. At the top of my list is the brilliantly named DuckDuckGo, which does away with the privacy problems simply by not tracking any data at all.

    For email, we can start by dropping Gmail, Outlook.com and Yahoo Mail (Yahoo sucks anyway). There are many useful alternatives, including Hushmail, BitMessage and Riseup, all of which encrypt your emails. Personally, I have started using Yandex Mail, which is a Russian company based in Moscow – if anyone’s safe from the NSA’s eyes, it’s gotta be them, surely. (To switch email providers without any fuss, you can read my post here.)
    You may feel that it’s impossible to leave Gmail altogether – for example if your company uses Google Docs to collaborate, it can be tough. Still, it’s possible to throw a spanner in the works by using an email encryption tool like GNU Privacy Guard or WebPG – tools that are basically the benchmark for anyone who’s serious about email security. These tools are able to encrypt and decrypt your messages so that even if they pass through Google’s server, the Feds won’t be able to make any sense of them. For journalists and anyone else (including budding terrorists!) whose work requires secure communications, this kind of encryption really is the most basic requirement.
    If you need to use cloud storage, you can do away with Google Drive and Dropbox, and instead use a service like Kim Dotcom’s Mega, Ubuntu One, or Sparkleshare. Alternatively, if you absolutely must use Dropbox, you can use a tool like Cloudfogger in conjunction with it to encrypt all your documents before uploading them.

    Next up, we have VoIP and instant messenger tools like Skype. Fortunately, there are dozens of alternatives here, including Jitsi, Pidgin and Cryptocat, which all offer encryption for your online conversations.
    Of course, all of this would be pointless if you also happened to be using an operating system ran by one of the major tech companies that are mixed up with PRISM, which means saying goodbye to Windows, Apple’s OS X and Google’s Chrome OS. Instead, we’re going to have to rely on open-source alternatives, such as GNU Linux, Ubuntu or Debian – it can be a bit of a pain installing them and switching everything over, but if you’re really determined to stay anonymous it’s a necessary step. And don’t forget, at least they are free!
    This covers the major tasks we do online, but there are plenty of other ways the tech “cabal” can get at your private data. Fortunately, there are alternatives for everything they can throw at you. For example, we can ditch Facebook for the community-run Diaspora social network, and there’s OpenStreetMap instead of Google Maps. Piwigo does much the same as Flickr and Instagram, whilst Piwik is a good alternative to Google Analytics. There’s also a ton of apps you can download onto your smartphone to protect yourself from predators on Android and iOS (just don’t forget to ditch Verizon).

    Keep in mind however, that no system can be considered 100% secure. While the services listed above are going to make it much more difficult for anyone to keep track of you, the Feds will almost certainly find a way if they have a reason to think you’re up to no good. PRISM is nothing new – in fact, it’s never been new, and in all likelihood, it will never stop. Sweeping surveillance operations are no longer a conspiracy theory – they are reality, but at least we’re not at the Orwellian Dystopia stage yet. It’s still possible to circumvent most government monitoring, but the onus is on you do something about it.


    http://siliconangle.com/blog/2013/06/12/how-to-get-out-of-prism-and-avoid-nsa-spying/
     

    ibnanv

    Well-known member
  • Jun 27, 2009
    3,986
    257
    83
    How to Shield Your Calls, Chats, and Internet Browsing From Government Surveillance

    How to Shield Your Calls, Chats, and Internet Browsing From Government Surveillance



    If you have followed the startling revelations about the scope of the U.S. government’s surveillance efforts in recent days, you may have thought you were reading about the end of privacy. But even when faced with the most ubiquitous of modern surveillance, there are ways to keep your communications away from prying eyes.
    Want to hide your communications from the NSA?
    On Thursday, the Washington Post and the Guardian revealed a top-secret National Security Agency program called PRISM, which reportedly involves mining private data from the servers of companies including Google, Microsoft, Facebook, AOL, and Yahoo. The tech giants have denied participating in the program—but according to a leaked set of NSA slides, PRISM involves the monitoring of emails, file transfers, photos, videos, chats, and even live surveillance of search terms. Separate disclosures have revealed that the NSA is scooping up millions of phone records from at least three major phone networks in the United States, using the data as part of program the White House says is aimed at finding terrorists.

    Not every communication can be tracked and eavesdropped on by the government, however, and there are ways to reduce the chances of being snooped on. First, instead of browsing the Internet in a way that reveals your IP address, you can mask your identity by using an anonymizing tool like Tor or by connecting to the Web using a Virtual Private Network. Additionally, you can avoid Google search by using an alternative like Ixquick, which has solid privacy credentials and says it does not log any IP addresses or search terms or share information with third parties.

    When it comes to sending emails, if you are using a commercial provider that has been linked to the PRISM spy initiative, you can throw a spanner in the NSA’s works by learning how to send and receive encrypted emails. PGP or its free cousin GPG are considered the standard for email security, and these can be used to both encrypt and decrypt messages—meaning you can thwart surveillance unless you are unlucky enough to have Trojan spyware installed on your computer.


    Novice computer users learning how to use PGP or GPG may find it a daunting prospect at first, but there are plenty of tutorials online for both Mac and Windows users that can help guide you through the process. For journalists working with confidential sources, attorneys seeking to ensure attorney–client privilege, or others whose work requires secure communications, learning how to use PGP or GPG is an absolute necessity in 2013. Organizations seeking to protect themselves from email grabs could go one step further: They could take more control of their messages by setting up their own email server instead of relying on a third-party service, helping ensure no secret court orders can be filed to gain covert access to confidential files. And if you need to store private documents online, you can use Cloudfogger in conjunction with Dropbox.


    For instant messaging and online phone or video chats, you can avoid Microsoft and Google services like Skype and Gchat by adopting more secure alternatives. Jitsi can be used for peer-to-peer encrypted video calls, and for encrypted instant message chats you can try using an “off the record” plugin with Pidgin for Windows users or Adium for Mac. Like using PGP encryption, both Pidgin and Adium can take a little bit of work to set up—but there are tutorials to help ease the pain, like this for setting up Adium and this tutorial for Pidgin.


    As for phone calls, if you want to shield against eavesdropping or stop the NSA obtaining records of who you are calling and when, there are a few options. You could use an encryption app like Silent Circle to make and receive encrypted calls and send encrypted texts and files, though your communications will be fully secure only if both parties to the call, text or file transfer are using the app. Other than Silent Circle, you could try RedPhone for making encrypted calls or TextSecure for sending encrypted texts.


    In an unprecedented report published Tuesday, the United Nations special envoy on free expression warned that due to advances in technology, governments’ effectiveness in conducting surveillance is “no longer limited by scale or duration.” Two days later, the coincidental disclosures about the NSA’s phone records grab and PRISM program seemed to hammer home the envoy’s point: A new frontier of sweeping secret surveillance is not a conspiracy theory but a burgeoning reality. However, it is not an Orwellian dystopia—at least not yet. Tools to circumvent government monitoring exist and are freely available. The onus is on us as individuals to learn how to use and adopt them.
     

    ibnanv

    Well-known member
  • Jun 27, 2009
    3,986
    257
    83
    NSA Prism program taps in to user data of Apple, Google and others

    NSA Prism program taps in to user data of Apple, Google and others

    • Top-secret Prism program claims direct access to servers of firms including Google, Apple and Facebook
    • Companies deny any knowledge of program in operation since 2007



    Prism-008.jpg
    A slide depicting the top-secret PRISM program.

    The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.
    The NSA access is part of a previously undisclosed program called Prism, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
    The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.
    Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.
    In a statement, Google said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data."
    Several senior tech executives insisted that they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a program. "If they are doing this, they are doing it without our knowledge," one said.
    An Apple spokesman said it had "never heard" of Prism.
    The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.
    Prism-001.jpg
    The program facilitates extensive, in-depth surveillance on live communications and stored information. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.
    It also opens the possibility of communications made entirely within the US being collected without warrants.
    Disclosure of the Prism program follows a leak to the Guardian on Wednesday of a top-secret court order compelling telecoms provider Verizon to turn over the telephone records of millions of US customers.
    The participation of the internet companies in Prism will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.
    Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan "Your privacy is our priority" – was the first, with collection beginning in December 2007.
    It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.
    Collectively, the companies cover the vast majority of online email, search, video and communications networks.
    Prism-001.jpg

    The extent and nature of the data collected from each company varies.
    Companies are legally obliged to comply with requests for users' communications under US law, but the Prism program allows the intelligence services direct access to the companies' servers. The NSA document notes the operations have "assistance of communications providers in the US".
    The revelation also supports concerns raised by several US senators during the renewal of the Fisa Amendments Act in December 2012, who warned about the scale of surveillance the law might enable, and shortcomings in the safeguards it introduces.
    When the FAA was first enacted, defenders of the statute argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the Prism program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.
    A chart prepared by the NSA, contained within the top-secret document obtained by the Guardian, underscores the breadth of the data it is able to obtain: email, video and voice chat, videos, photos, voice-over-IP (Skype, for example) chats, file transfers, social networking details, and more.
    PRISM-slide-crop-001.jpg

    The document is recent, dating to April 2013. Such a leak is extremely rare in the history of the NSA, which prides itself on maintaining a high level of secrecy.

    The Prism program allows the NSA, the world's largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.
    With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.
    The presentation claims Prism was introduced to overcome what the NSA regarded as shortcomings of Fisa warrants in tracking suspected foreign terrorists. It noted that the US has a "home-field advantage" due to housing much of the internet's architecture. But the presentation claimed "Fisa constraints restricted our home-field advantage" because Fisa required individual warrants and confirmations that both the sender and receiver of a communication were outside the US.
    "Fisa was broken because it provided privacy protections to people who were not entitled to them," the presentation claimed. "It took a Fisa court order to collect on foreigners overseas who were communicating with other foreigners overseas simply because the government was collecting off a wire in the United States. There were too many email accounts to be practical to seek Fisas for all."
    The new measures introduced in the FAA redefines "electronic surveillance" to exclude anyone "reasonably believed" to be outside the USA – a technical change which reduces the bar to initiating surveillance.
    The act also gives the director of national intelligence and the attorney general power to permit obtaining intelligence information, and indemnifies internet companies against any actions arising as a result of co-operating with authorities' requests.
    In short, where previously the NSA needed individual authorisations, and confirmation that all parties were outside the USA, they now need only reasonable suspicion that one of the parties was outside the country at the time of the records were collected by the NSA.
    The document also shows the FBI acts as an intermediary between other agencies and the tech companies, and stresses its reliance on the participation of US internet firms, claiming "access is 100% dependent on ISP provisioning".
    In the document, the NSA hails the Prism program as "one of the most valuable, unique and productive accesses for NSA".
    It boasts of what it calls "strong growth" in its use of the Prism program to obtain communications. The document highlights the number of obtained communications increased in 2012 by 248% for Skype – leading the notes to remark there was "exponential growth in Skype reporting; looks like the word is getting out about our capability against Skype". There was also a 131% increase in requests for Facebook data, and 63% for Google.
    The NSA document indicates that it is planning to add Dropbox as a PRISM provider. The agency also seeks, in its words, to "expand collection services from existing providers".
    The revelations echo fears raised on the Senate floor last year during the expedited debate on the renewal of the FAA powers which underpin the PRISM program, which occurred just days before the act expired.
    Senator Christopher Coons of Delaware specifically warned that the secrecy surrounding the various surveillance programs meant there was no way to know if safeguards within the act were working.
    "The problem is: we here in the Senate and the citizens we represent don't know how well any of these safeguards actually work," he said.
    "The law doesn't forbid purely domestic information from being collected. We know that at least one Fisa court has ruled that the surveillance program violated the law. Why? Those who know can't say and average Americans can't know."
    Other senators also raised concerns. Senator Ron Wyden of Oregon attempted, without success, to find out any information on how many phone calls or emails had been intercepted under the program.
    When the law was enacted, defenders of the FAA argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the Prism program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.
    When the NSA reviews a communication it believes merits further investigation, it issues what it calls a "report". According to the NSA, "over 2,000 Prism-based reports" are now issued every month. There were 24,005 in 2012, a 27% increase on the previous year.
    In total, more than 77,000 intelligence reports have cited the PRISM program.
    Jameel Jaffer, director of the ACLU's Center for Democracy, that it was astonishing the NSA would even ask technology companies to grant direct access to user data.
    "It's shocking enough just that the NSA is asking companies to do this," he said. "The NSA is part of the military. The military has been granted unprecedented access to civilian communications.
    "This is unprecedented militarisation of domestic communications infrastructure. That's profoundly troubling to anyone who is concerned about that separation."
    A senior administration official said in a statement: "The Guardian and Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act. This law does not allow the targeting of any US citizen or of any person located within the United States.
    "The program is subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about US persons.
    "This program was recently reauthorized by Congress after extensive hearings and debate.
    "Information collected under this program is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats.
    "The Government may only use Section 702 to acquire foreign intelligence information, which is specifically, and narrowly, defined in the Foreign Intelligence Surveillance Act. This requirement applies across the board, regardless of the nationality of the target."