Support

The UK Column can only exist with your support

Tuesday, 16 February 2010

Surveillence Self Defense

Posted By The Editor On March 5, 2009 @ 10:18 am In Mike Robinson

The Electronic Frontier Foundation [1] has launched a new website [2] called “Surveillence Self Defense,” designed to offer advice about the capabilities of US law enforcement and government surveillence capabilities, and the things people can do to defend themselves. While this is a US-centric site, it offers good information. Read it well.

One of the areas they discuss that I do have issues with is data encryption.  Now, on my little netbook – the computer I carry about in my bag – I have the entire hard disk encrypted. The only reason for this is to prevent some thieving scumbag from reading my email should he get his slimy mits on it. It’s not to prevent law enforcement from reading it, because if I refuse the give up the passwords, they’ll just throw me in prison.

So, as a general rule, unless you are carrying your personal data around with you, I would say forget about encryption.

A much better strategy is to emulate the supermarket loyalty card campaign that ran a few years ago. It worked by people applying for loyalty cards and using them. Cards were swapped from time to time randomly between the participants, poisoning the database.

This is the better strategy. Instead of trying to hide what you are doing, get it out in the open. But surround it with useless junk that the surveillence spooks have to process. Flood them by making phone calls and sending emails with bogus content, building websites and blogs, notifications of spoof demonstrations, FOI requests, bogus intelligence and any other thing you can think of which causes them to have to inspect the data using a human being rather than a computer.

Aim for total information overload, rather than total information awareness.

While this is a great strategy in general, there is, of course, a line to be drawn. That line is the threshold of my own home and its contents.

So when I hear of powers such as the UK police have had newly introduced – for example the ability to legally (not lawfully) hack into your computer without your consent or knowledge [3], that’s a step too far. Why should these idiots have access to my bank account information, passwords and the rest? Are they going to protect the data they gather, or are they just going to end up with another database they can leave on a train [4]? As far as I am concerned, if they want access to my computers, they need due cause and a search warrant, no matter what the Home Office says.

So on this specific issue, I would recommend getting yourself a decent firewall [5] (if you’ll excuse the advertisement). There are no guarantees, of course, but the better the firewall the harder it is for them to access your stuff remotely without your knowledge. The firewall on a standard adsl modem just doesn’t cut it – more often than not, it’s not even switched on.

Article printed from The UK Column: http://www.ukcolumn.org

URLs in this post:
[1] Electronic Frontier Foundation: http://www.eff.org/
[2] new website: https://ssd.eff.org/
[3] legally (not lawfully) hack into your computer without your consent or knowledge: http://www.timesonline.co.uk/tol/news/politics/article5439604.ece
[5] a decent firewall: http://www.aspects.cc/firewalls