“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
I think it would be safe to say that in 1792, if an agent of the government would have stopped Thomas Jefferson on the street in Charlottesville, and demanded his personal diary or papers without a warrant, Mr. Jefferson would have likely have used that little pistol he carried. Fast forward these two hundred plus years and woe how compliant we citizens have become. The first thing I usually hear when having a discussion on this topic is “but I don’t have anything to hide!”. That is not the point of the exercise and oh yes my friends you have lots to hide.
Who are the bad guys? Well a short list includes: Hackers, Identity Thieves, scammers, and in the case of anyone in the public eye, the media. Make no mistake, as the trials concerning phone hacking in the U.K. should be telling that large media organizations are ruthless in their desire to garner “dirt” and are becoming more sophisticated. On the other side of the coin, lets say you belong to an animal rights group, non-mainstream political party or other some other organization. If so even at a third degree of separation you may be on big brothers watch list.
NSA and CIA programs brought to light by Edward Snowden are collecting every bit of data about YOU that they can get. Phone calls, tweets, emails and texts. Ever hungry Marketing and media companies are also out to get you and your dollars and your friends dollars and their friends dollars. And while it all may seem innocent now, find yourself in a brush with trouble ten years from now and all those “private” bits of data will be used against you and put on full public display.
What countermeasures are available to the average citizen to help in maintain their privacy? Grab another cup of coffee and lets get down and dirty. The first order of the day is buy a shredder that makes confetti of your documents or at least does crosscut. This will help take care of personal and financial documents that you don’t want someone digging out of your trash. Even better is to burn these documents if you can. Next get yourself a Post Box at the local UPS Store and begin having important items delivered there, taking away the risk of mailbox skimmers.
For your digital life I recommend the following actions and purchases. Don’t use Gmail, Yahoo or other mainstream big business email services. They might seem to be great, but trust me they are not free and in some circumstances they might just cost you your freedom. Register a domain name with Bluehost and for the cost of two cups of horrible Starbucks coffee per month you can have your own email service. This alone will NOT keep your email from being read, but will keep companies like Google from scanning EVERY email in and out of your box for their own purposes.
Also ensure you have good anti-virus and anti-malware loaded on your pc and or laptop. While no product on the market is foolproof, it’s better to have than have not as 98% of data breaches are from malware and now we see ransom-ware more frequently. Microsoft Security Essentials and Malware Bytes are our go-to products for non-mac units.
Now download a copy of OpenPGP and learn to use it. If you have particularly sensitive emails to send, this will defeat non-governmental attempts to read your mail. For keeping your hard drive safe I recommend Truecrypt to enable whole disk encryption. For moving files in your bag or on your person an encrypted thumb drive from Kingston works extremely well. Always insist on a minimum of 256bit encryption for any device or program.
In your browser, enable private browsing and automatic erasure of cookies, and with Mozilla Firefox you can even install TrackMeNot which helps to obfuscate your searches on the web, its kind of like seeing a Google search as a grain of sand and Trackmenot throws a handful of sand in with your search.
Around the house don’t forget to enable WPA2 encryption on your wireless devices with a strong pass phrase. On the topic of passwords and passcodes, I strongly recommend a PASSPHRASE instead. “Jack&Jillwentupthehill is exponentially more difficult to break than a single password. You should also consider passwording the BIOS on your desktop and laptop. If you use an cloud based backup program such as Mozy make certain you have encryption enabled.
So there you have it coffee lovers, a few simple and inexpensive steps to have a bit of security on your personal data world, now back to my Costa Rican.
About the author
Russ is a Certified Information Systems Security Professional (CISSP) who has spent over two decades in the Information Systems field. He has worked with federal and local law enforcement agencies, Fortune 500 companies and healthcare practices in the InfoSec Arena. He has also worked more recently as a corporate security and business intelligence operative in the Midwest.
* Some links to products are Bitojava.com Affiliates*