Dedication This one’s for my father. I think he would have enjoyed it. Mostly. He’d also have given me a look of forbearance, for several reasons—not least among them being that he was good at it. Thanks, Dad. I remember what you told me. It’s also for Kenneth Vaughan, a neighbor and close family friend who got me interested in cryptography when I was pretty young. I’m not sure he even knows he did that. But he did. Table of Contents Dedication Who needs this book? What's a Barefoot Anarchist? Chapter 1: Why Privacy? Why Encrypt? The Free Speech Argument Dangers of Self-Incrimination Chapter 2: Threat Modeling Sounds Ominous! You Can't Be Totally Anonymous You Must Decide What You Can Live With Attack Surfaces Your IT department Software: Open-Source vs. Closed Companies & Policies Advertising Government & Privacy Chapter 3: Connections Internet Service Providers (ISPs) Virtual Private Networks (VPNs) The Onion Router (Tor) Wi-Fi Networks Chapter 4: Downloading Files Download Sites Use BitTorrent? How About Usenet? Chapter 5: Digital Purchases Credit Card Options A Note on Card/Banking Security A Note on Credit Itself PayPal & Similar Services Bitcoin and Friends Chapter 6: General Computing Virtual Machines Physical Security Disk Encryption Passwords & Logins Smart Cards & Biometrics Sending Anonymous Data Automatic Software Updates Anti-Virus Software Chapter 7: Operating Systems Windows? Instead of Windows? Other Linux Distros Chapter 8: Telephony Location Tracking Cellular Eavesdropping Text Messaging Baseband Hacking...and Beyond? The Metadata is the Message Phones and Wi-Fi Near-Field Communication (NFC) Android vs iOS vs Others Voice over IP (VoIP) Texting Alternatives All-in-one? Silent Circle vs. Signal Chapter 9: Web Browsing Search Engines Which Browser? "Secure" Connections Fingerprinting Advertising Other Plugins Chapter 10: "Cloud" Backups Dropbox and Friends SpiderOak & Its Pals Curmudgeonly Advice Make a Decision Chapter 11: Email Who's giving it to you? How to encrypt it? Chapter 12: Putting It All Together What's Your Threat Model? How Do We Fix Privacy? Appendix A: Encryption Primer Just the Basics Appendix B: Jail! Thanks for Reading! Excerpt from Shiver on the Sky Who needs this book? Well, for starters, I do. Writing this has helped me organize my thoughts, and find (sometimes even fill!) gaps in my own knowledge, and generally it’s given me an excuse to do ridiculous amounts of web-surfing on topics I find amusing…um, I mean research. I’ve been fascinated by privacy, cryptography, and general so-called “security” issues for decades now. This goes back at least to a seventh-grade science project in which I programmed a computer to try various methods of breaking codes. Well, ciphers, technically. Back in 1981. Yeah, I’m gettin’ on for old by now. Thanks for noticing. Along the way I’ve worked for major corporations, worked or consulted for a bunch of variously-sized startups, and run my own company a few times. Now, I’m a writer. So…the book thing kinda makes sense, doesn’t it? Once you put all that together. Also, this book gives me a quick way to respond to people when they post an article or offer a product that essentially claims “use this wonderful product/service, and you’ll be insta-anonymous online!” You know what? If you learn nothing else from this book, please walk away knowing this: sweeping statements are dangerous. They hurt people. Uncritical acceptance can hurt you. Are you suspicious of that claim? Good; you’re in the right place. I’ll be showing you exactly what I mean. Here’s another: unless you do a reasonable amount of research (which I like to think should include reading this book), you may well be better off ignoring all digital-privacy issues entirely. Truth is, attempts to keep your data and communications secure can actually draw attention (Chapter Three, and elsewhere). Some things you might try sound great at the tech-blogger or product-sales level, but if you actually implement them you may find out you’ve made yourself a much bigger, softer target than you were before you decided to do something about it. Hell, against many kinds of attack you basically didn’t exist until you started dodging around. Don’t believe that claim? You are so definitely in the right place. I’m going to prove that one over and over. My guess, since you’re reading this book in the first place, is that you will be using systems to help you safeguard your privacy. I’ll do what I can to help that work out for you. Thing is, large-scale unsupported claims and offers of Simple! Cheap! Solutions! help sell products. Apparent panaceas also work very well as clickbait (meaning basically that the headline draws people in), which helps online writers gain notoriety—and sell advertising space, which is how most of them generate dollars. We’ll definitely talk about advertising too, because it matters more to your privacy than you might think. In general, any time you read that a single product, whether it’s a phone, a browser, a browser add-on, a networking scheme, a digital currency, or whatever it may happen to be, will make you secure? Or anonymous? Or otherwise, somehow, safe? If only you’ll use it? Well, it won’t do that. It really can’t. At least, not always…and never by itself, without qualifications and reasonable care on your part. Beware the fine print! Which, unfortunately, is generally more metaphorical than real. It may or may not even help to use a particular product or service. Some of these ideas you read about will probably, when used with appropriate care, be tools you’ll want to adopt. Others will be actively harmful. Often it will depend on the context in which you’re using them. Another fun concept: a lot of the useful tools can also be harmful, if used incorrectly. If you haven’t yet learned how to understand the tools and how they work together, or don’t. Yes, I’ll prove that too. Much of what you are currently doing, right now, is very likely broadcasting far more information about you than you know you’re giving out. Even if you write software, or manage computer networks, or do tech support, for a living. But I want to be clear, here: I am optimistic that you can take a much larger degree of control of your digital footprint than you ever have before. Once you know more about what that actually looks like. Don’t let that last paragraph scare you off. If you can currently grasp the difference between “the internet” and “a web browser,” you’ve got just about all the expertise you need to understand this book. If I do my job at all well, you’ll be way ahead of most IT (information technology) professionals when we’re done. (Of course, you might already be way ahead. If so, good! Let’s see if I can still find some angles you haven’t yet explored, shall we?) Here are some things I’ve heard in the last couple of months, from one IT pro or another: “But how can open-source software be secure? I mean, if people can see your code…” “I really doubt Google cares about my browsing history.” “People should protect their privacy with the right Facebook settings.” “I use a VPN (or Tor) and that means I’m browsing anonymously. Or at least I’m more secure.” “I get all my files from Usenet, and I use SSL, so I’m anonymous and my ISP can’t tell what I’m doing.” “Company X says [whatever] in their privacy policy, so if that’s true, I’m safe from Y.” “Well, my hard drive is encrypted—so I don’t have to worry about X” (where X means ANYTHING but “simple theft of the hard drive”) “I only encrypt my ‘home’ folder, because encrypting the system is overkill.” “I use Linux (or a Mac), so I don’t need to worry about this stuff so much.” “I think the government has backdoors into everything, so there’s no point in trying to hide anything.” …and so on. You may already see why all of these are ridiculous. Or maybe, at this point, you’re nodding along with one or another of them. Well, if so, this book is definitely for you. Seriously, they all have major flaws (often more than one apiece). And I’ll prove that to you. I’m not going to nit-pick any of the above and claim some sort of technical “victory” afterward. I’m going to show you, with no room for doubt, that all of the above are just wrong-headed. You really can’t even say stuff like the above, at least without a string of caveats, if you understand what I’m about to show you. I’m going to be very specific in my recommendations, when I can. Other times, I’m going to do what I can to give you a sense of the trade-offs you’ll make as you go along. But I’m also going to show you, as best I can, how to analyze these tools and issues for yourself. In fact that last part is, for me, the most important thing I can do here. Because there will always be new tools and new options to consider. I’m including hundreds of links throughout the book, for a couple of reasons. First, some of what I say will almost certainly strike you as completely outrageous. So, I’ll offer evidence. Second is sort of the same issue: I’m going to be asking you to doubt everything you’re told, by anyone and everyone, about online security. To evaluate each claim, taking the incentives and prejudices of the person or organization making it into account. To understand what to provisionally accept, and what to reject entirely, and why. So. If you believe a damn thing I say, without evidence? Then I’ll have failed. I’ve said this before, and I’ll say it again: please don’t believe me, or anyone else, without evidence. Some people, when I start pointing out issues with one system or another, have called me a defeatist. Well, as I said above, I disagree. I think of myself as an optimist. Here, that means I’m believing in you. At bottom, computers are mostly machines for storing and copying data. The internet, which doesn’t even exist without computers plugged into it, is all about copying data. No getting around it, there is something intrinsically paradoxical copying data. No getting around it, there is something intrinsically paradoxical about trying to use the internet without passing lots of information around. When you look into the internet, the internet looks back into you. And yet I’m not going to advocate moving into a cave and destroying all your electronic devices. I am going to very strongly suggest that you learn the basics of what those devices are doing. Not to the point that you personally understand all the bits and bytes. I don’t think you need to learn network protocols, or even how to write a “Hello, world!” computer program. I don’t even think those things would help very much. We all have lives to lead. We all have our own priorities and goals. We don’t all want to become IT or security specialists. But I’m convinced that, after I analyze various systems here for you, and show you how I do it? You’ll be able to do it for yourself, going forward. If you want to. Thinking usefully about security is a skill. You’ll probably learn a lot about how that works. And then you’ll make better decisions about the type of data you share, and whom you choose to share it with. Maybe I’m wrong, about either my ability to show you or your ability to understand and use the information. But I don’t think so. Plus, at the end I’ll tell you how and why I spent several thousand dollars, a night in jail, and several months worrying about my future…all for being naive, and for trying to be helpful. I was very clearly protecting myself (or so I thought!) and thousands of other people—but a large university, a police department, and my then-employer didn’t see it my way. They got downright nasty about it, in fact. Large institutions don’t, it turns out, often reward people who point out their failures. Even if they have to be sneaky about it, and wait till the public fuss dies down before getting their revenge. Given a choice between doing nothing and doing what I did? I’d do it all again. No question. I’d have to. I’m nobody’s hero, but that situation really needed to change. But as they say, if I’d known then what I know now…I could so easily have avoided all the trouble I got into. If I’d read this book, or one like it. What's a Barefoot Anarchist? I guess…I am. Now, it’d be fun to tell you all about how I say I’m barefoot because I’ve learned to tread carefully. I’m sensitive to my environment, and I make full use of all my nerve endings to gather information. That kind of thing. In, get it, a digital landscape? That’s sort of clever. Enough to make me smile, anyway. Not a high bar, but it’s something. Truthfully, though, I’m not wearing any shoes at the moment. Generally, I don’t. I even wear fake shoe-like coverings with no soles, sometimes, so I can get into restaurants and other places patrolled by the Shoe Police. It’s a thing. Maybe I’ll write a book someday. (Take Back Your Body: The Barefoot Anarchist’s Guide to Feeling Good?) In other words, I stuck “barefoot” in the title just for fun. I mean, why not? I thought of it, and nobody stopped me. As for the “anarchist” bit? Well, maybe I’m an anarchist and maybe I’m not. It depends on your definition of the word, and I have very little information about that. It might be fun to try writing a book about politics and similar topics someday (Take Back Your Brain: The Barefoot Anarchist’s Guide to Belief Systems?), but this book is not that book. Nor does it try to be. Let’s just say that, for the rest of this volume, I’m going to be skeptical of damn near everything, including my own preferences as far as is possible, and invite you to do the same. That sounds at least sort of like an anarchist right there, doesn’t it? Enough for me to use the word, anyway. (Though it may be helpful to bear in mind that I also titled a novel Pagan Sex because I thought it was funny. Hasn’t sold very well yet—though it’s my champion for free downloads—but I’m still happy about the name.) The word “paranoid” gets used a lot in the context of computer use, privacy, and online security. Thing is, that’s what folks call an ad hominem attack, meaning it’s directed against a person rather than against a person’s argument. In other words, it’s pretty weak…by itself, anyway. In order to understand what is or isn’t mere paranoia, it’s necessary (says me) to understand quite a bit about how various systems actually work. That’s what this book is for. Fair warning: unless you’ve been immersed in this stuff for a while, a lot of what I have to say will strike you as unreasonable, or overly suspicious of companies or governments, or (best of all!) both of those things. And I admit freely that I think that’s the most-fun part of writing it. There are lots of links here, though, and the ideal reader from my point of view would click on all of them. Some are informative, some are there to demonstrate that not all weird ideas in this book originate with me, and some are just for fun.