|Home » Learning Curve
Privacy: Where We Are Now and What You Can Do (TL;DR)
Three simple rules for protecting your privacy. By Mack Diesel.
This is admittedly going to be a long ass post and chock full of information, so there is my TL;DR warning. No Cliff Notes for this one. I also apologize in advance if it seems that I'm preaching to the choir in here. Nevertheless, I hope you find this to be a decent thread as a refresher course which will help you get your real life and online houses in order. This is mostly American-centric since I obviously live in the USSA, but it is still valid wherever you are in the world.
For the newcomers and lurkers, I teach computers at a vocational school, tutor students on computing, and consult for SOHOs. Ever since MOAB and from my own experience with clients, I've been heavily researching privacy and security issues. I read Schneier, Krebs, Threat Level, among others ad nauseam. There isn't a day that goes by where I don't find out some friend had their e-mail account compromised only to then find out that they used the same passphrase with other accounts. Or someone else in one of many groups I associate with fell for a phishing scam - especially with job postings.
You probably have enough acquaintances, friends, and colleagues in your periphery who are out of work and are desperately looking. Scammers have been taking advantage of their misfortune by fraudulently signing up as employers on the more popular job sites (e.g. Monster, Careerbuilder, etc) and even state employment agencies. When you submit your CV/résumé to these sites, you should be extremely cautious as to what kind of information is on it. Scammers will use your personal information to pose as legitimate employers and attempt to phish you for even more personal information - one which will possibly lead to raiding your financial accounts or creating them in your name.
Here in the USSA (deliberate spelling in case you haven't figured it out) our .gov has been covertly wiretapping in the name of the WOT. And now the new Internet 'czar' wants the same covert wiretapping powers to spy on users to see if they are infringing on copyrights. All the more reason to embrace what privacy we have left.
This article posted a while back has now come true for the worse. Sites like Intelius and Spokeo aggregate your personal information from RL and tie it to your online life wherever they can find anything remotely related to you. MyLife makes its fortune (who am I kidding; they all do) from selling it around to whoever wants it. This gold mine of information is not only a HR busybody's wet dream, but a criminal's as well. If you are a teacher and have some disgruntled student who wants to make your life a living hell? Well, you're going to want to protect your personal information so that it becomes a lot more difficult to find you. The same holds true if you suddenly find yourself in front of TV cameras or in the newspaper. Not too long ago, there was a horrific accident here in So Cal splashed across the pages of newspapers. In one newspaper, the commenting peanut gallery went to the court web site and searched the dead victim's name and found all sorts of traffic cases against her. They judged her in the court of public opinion by saying that they were glad she was finally killed (even though to this day no one knows who caused the accident). Back to the article 'So much for anonymity these days', the following statement was made:
I'm not trying to steer this towards tinfoil, but it's scary to think about the worst case scenario: TPTB scraping up all of the web sites together, cross-checking all logs, and linking IP addresses, cookie information, your online billing accounts, and history to your login usernames as well as social networking information to build a complete and cohesive profile of you. They'll know about every site you visit, what you've said, and who your contacts are among other things. Who is to say that it hasn't already happened?
It gets worse than what was predicted. These sites collect information from birth certificates, marriage licenses, court cases, property taxes, motor vehicles, voter registrations, credit reports, utility accounts, and anywhere else where you provided information about yourself. These sources are all aggregated together and matched with articles, handles, and Web 2.0 accounts associated with you - Blogspot, WordPress, Digg, Last.fm, Pandora, Facebook, MySpace, etc. You would have to be drop-dead stupid to use your real name with these kinds of sites. Sorry for the harsh language, but that is the reality - especially if I just called you out in the last sentence. Worse, you would have to be even more stupid to associate any kind of financial information with these sites - be it Facebook Credits or a Last.fm subscription (Freetards FTW).
Mr Zuckerburg and Mr Schmidt both want to see the death of anonymity and privacy. Yet they won't let you readily peer into their lives. Fortunately for us and to the detriment of their progress, we still have some sort of privacy left (before TPTB really clamp down). However, as you have just read, it starts with your RL. So let's first explore getting your RL privacy in order.
(On a personal note, let's cut the bullshit about having something to hide. This isn't about hiding from authorities because if they have unlimited funding, they're going to find you anyway. This is about protecting yourself from the scum out there who steal your personal information and make your financial life a forgone conclusion.)
YOUR REAL LIFE PRIVACY
First, it helps if you have multiple first and/or middle names so that you can easily use different aliases and adopt an online persona. Some people adopt 'American' names when they move here. However, most of us aren't that lucky. So let's move on to the single most important thing you can do for yourself.
Never associate your name with the physical place where you sleep at night. If you learn nothing from this thread, learn this piece of advice. Postal boxes are cheap; private CMRAs (e.g. The UPS Store, mom and pop mailbox and copy centers, etc) are better since they resemble apartment/suite addresses to those who don't bother to check. In addition, you can receive packages there since you can't at a Post Office box.
If you receive mail at home, you should stop that practice ASAP. Mail is often stolen as companies are stupid enough to print all sorts of personal information. Sometimes, you have shit-for-brains mail carriers who mix up mail. Other times, you have assholes who deliberately sabotage or lose your mail. While you're at it, you might want to consider going paperless when it comes to financial and utility bills. It may be more work for you in putting due dates on a calendar and remembering how much you owe, but you lessen the risk of having important personal and financial information stolen from your mailbox. If you receive packages, consider the CMRA route instead of receiving them at home. Unattended packages at your front door leave your personal information vulnerable. Even better, get a nominee to hold your packages for you. When you do change addresses, DO NOT set up permanent forwarding. The Post Office makes their money from selling your information to the junk mail companies. Ideally, you do not want any kind of forwarding - but if you want to make sure you caught all of your important mail, consider temporary forwarding for a few months.
Shred all mail with any kind of personal information - junk mail addressed to you, credit card offers, and whatnot. Use a cross-cutting shredder. Jumble up the shreds and throw in a dumpster other than your own garbage can. You'd be surprised what your trash says about you.
Since you are in the process of stopping mail at your present address, consider heading over to dmachoice.org and opting out of receiving junk mail. Like a Do Not Call registration, it's good for 3 years.
First of all, no form of telephony is really secure. Assume that all conversations, text and picture messages, and voicemails can be intercepted and eavesdropped on. If it's sensitive, face-to-face or encrypted conversations are best. VoIP is probably your best bet even though some will argue that landlines still give you the best privacy. Ideally, you do not want any kind of copies of your conversations. You'll probably want to get a forwarding service like Google Voice. Use the number as a gateway to your real numbers. This is especially important if you are looking for work and want to post your CV/résumé online. As these forwarding numbers are landline numbers, it should go without saying that these numbers are on the Do Not Call list. Besides, you can flag unwanted calls and messages as spam anyway and never hear from those numbers again. Sipgate is a good VoIP provider. Pairing it with GV gives you free outbound calling. Note that you never use the softphone's dialer - you initiate calls through GV. I like to keep backups on hand and use Ekiga + IPKall (though the quality really sucks). This is all free, so you can't really complain.
If you need E911, stick with landline and set it up with the cheapest plan you can possibly get. You can then use GV to make long distance calls. Make sure you get an untouched number to avoid inheriting someone else's debt collection calls. The traditional telcos like to nickel and dime you for number blocking that you take for granted with Google Voice and VoIP services, so be sure to get a virgin number. If you live in a very highly populated area (e.g. NY or LA) this might be next to impossible. Newer area codes are best.
Mobile phones? Well, if you really want privacy, you shouldn't have one to begin with. Even if GPS is turned off, if you have an active Wi-Fi radio you can still be pinned down to an accurate location regardless if you are on a 3G connection or not. It should go without saying that you disable GPS tagging of your photos. Even with that disabled, for less accuracy you should also turn off the Wi-Fi radio before taking pictures. When you are not using the phone, power it off and remove the internal battery to avoid being eavesdropped on. If you're job hunting, some suggest going with a prepaid mobile strictly for that purpose. The point is that you do not want your real phone numbers floating around and gobbled up by data miners and scammers.
One last note with Google Voice or whatever forwarding service you go with: you should really get two accounts - one 'professional' and one 'personal' to act as a mailbox for things like raffles. Your real numbers should only be known by you, trusted immediate family, and trusted associates.
UTILITIES, BANKING, DMV, ETC.
Some people like to use nominees to open banking and utility accounts for them, but I won't cover that here. Ensure that you are using your CMRA address and virtual/forwarding phone number, as these entities won't hesitate to sell them around. Moreover, your address and phone number will appear on your credit report and you will want to maintain a string of PO box and CMRA addresses as well as virtual phone numbers. The big 3 credit reporting agencies DO sell your information around as a search of yourself on the likes of Intelius will show you. Make sure that all correspondence originates from your CMRA and virtual phone numbers. You don't want to inadvertently reveal other true phone numbers or physical addresses.
Your shiny new credit and/or debit cards and drivers license probably contain embedded RFID chips. I guarantee you within the next few years you will be reading about RFID theft on Krebs on Security. To protect yourself, you can use aluminum foil and duct tape to surround your RFID cards or pony up for a RFID-blocking wallet.
If you regularly read KoS, you already know about ATM skimmers. Beware of gas station skimmers and fast food skimmers as well. If you pay by plastic, use credit instead of debit as the latter gives you little to no fraud protection. A better alternative: use cash while it still affords you some anonymity.
Carry enough cash and the cards you need. If you lose your wallet, you won't have to worry as much when you call financial institutions to close your accounts and place fraud alerts on your credit reports. Excess cards should stay at home in a secure place. Consider protecting your wallet from RFID scanners.
You should have NOTHING with your physical address on it. If your car is broken into or stolen, the criminals will know where to go. For maximum privacy, avoid personalized or special plates. You don't want to stand out.
To avoid being ambushed by Ponch and Jon, you should consider getting a radar/laser detector if it is legal where you live. I personally use Valentine 1; anything less is asking for trouble. Consider hard-wiring it (or hide the wires) and mounting it high on the windshield so that it is not obvious to passerbys or Ponch and Jon themselves. Remember, you do not want to be the recipient of a traffic ticket. Even if you are exonerated, you will still end up in the public database on the court's web site. An entry in the database includes details such as your possible aliases, what you were charged with, who the agency was, what you pled, what your bail amount was, and how you were found (not guilty, convicted, traffic school, etc). Data mining sites can and will pick up that information.
While on the topic of Ponch and Jon, their vehicles have what is called ANPR - Automatic Number Plate Recognition. There are cameras fitted on both sides of a roof-mounted light bar and one camera in the back. Some vehicles also have a camera mounted in the front. When they drive around, the system automagically captures images of license plates including snapshots of the cars and drivers as well. You should think about if you want your car to be found at a certain place if Ponch and Jon were to roll through.
Notice that they're using Windows. What if their database was hacked? Would you want that kind of information out there?
On a side note, nice to see how they're above the law by doing 80 MPH on the 405 (65 MPH speed limit). Too bad you don't enjoy the same 'freedom'. You'll end up with flashing red and blues behind you and a one-way trip to the local county courthouse's searchable database.
Now that you have established your RL privacy, you are ready to make your online habits safer.
You'll have to decide if you want to use it and assume the risks of doing so.
Maintain several different screen names and do not let them cross each other. To that end, have a professional screen name, a personal screen name you don't mind possibly mixing with your professional screen name (e.g. two Gmail accounts getting together on an Android phone with the same personal handle being used for Pandora, last.fm, etc). Forum screen names should not be remotely related to each other.
Never reference anything personal about you that could be used to break a security question - birthdays, your appearance, etc.
Maintain several e-mail accounts. Your own domain is best, followed by your ISP. If you use a free webmail provider, stick with Fastmail or Gmail (two factor authentication FTW). Avoid Yahoo and especially Hotmail. The latter two are frequently used by spammers. I've lost count as to how many friends using Hotmail and Yahoo have had their accounts compromised.
If you use Gmail, you can use labels to filter incoming mail in the format firstname.lastname@example.org where label is the name you apply. For example, if you get tickets to a concert through Ticketmaster (and they WILL spam you) you can use email@example.com. Then send anything addressed to firstname.lastname@example.org to the spambox. Do note that some sites will not allow the '+' symbol. Other e-mail providers allow for these kind of modifications as well; you should check with your provider.
Never trust your e-mail to be secure, regardless of provider. Assume that it can be read by anyone. If something is sensitive, encrypt your messages or stick to face-to-face. We all know that Google is evil; we don't know about the others and they probably won't come out and tell you with a straight face.
As far as storing and archiving messages, think about how you would feel if your accounts were compromised and everything was posted for the world to see. Would you want the contents from those messages on the front page of the New York Times? Or what if you know that you are about to be subpoenaed? (By the way, DO NOT destroy anything if you are about to or do receive a subpoena; severe penalties can result for destroying evidence.) Stick to your data retention policy. If you don't have one, begin one and decide what is worth keeping and how often you should purge old messages. By the way, this should apply to your text and voice messages too.
If you were to fall victim to a fraudulent job posting, you'll probably end up in a spammer's database. More than several years later, I still get fraudulent messages from 'agencies' who claim that they have reviewed my resume and that I am a fit for whatever 'position' they are offering - never mind the fact that I don't have a resume posted anywhere these days. Then they ask for a recent resume and a way to contact you - even though you already provided that information in your resume. This is why you should have a CMRA address and virtual phone number on your resume. The crooks will never know where you really live.
Develop a data retention policy for instant messages. Never click on links and especially do not friend people you do not know. Assume that anything you chat about will be made public.
Schneier thinks you should write them down and keep them in a wallet. I tell my students to use something like KeePass/KeePassX. First of all, it's cross-platform and you can take your encrypted kdb file to a Windows, OS X, Linux, or Android system. If it's too hard to remember several passwords, you can choose a strong password and salt it with something related to the web site. For example, you love Colgate toothpaste. If this is your password:
I will be very surprised if you haven't been hacked yet...
Better. You can probably choose this as a weaker password for blog comments, forums, and other place where you could care less if someone hacks the database. I personally recommend using 3 levels of passwords; this is level 1. You can make a password out of the sentence 'I love Colgate'.
Better. This contains the elements of a good password: Mixed case, numbers, and symbols. It is 11 characters. Use this for local logins where you have total control over your hardware, social networks, e-mail accounts, and other places where you have some personal information contained within them. You can salt the password like this:
Now the password is even stronger. Salt the password in a way that you won't forget and hackers can't figure out if one password is compromised. I like to complicate things but then again I have a password manager anyway...
And for Level 3 - financial sites and anything that could lead to personal and financial ruin - have something like this:
I turned the E sideways into M. You can do other creative things like use two Vs for a W and so forth. Passwords like these might be a PITA to enter, but that's what copy and paste is for.
If you do participate, foul up your information just a little in a way that the data miners can't accurately profile you and won't compromise answers to security questions. Never use your real/true legal name. If you had a nickname growing up, use that...anything which does not cause your RL and online identities to collide.
Never assume that anything you post is private. Nothing is private on the Internet.
THE EFF'S SURVEILLANCE SELF-DEFENSE
Read it. Study it. Learn it. Absorb it like a sponge.
SANITIZING YOUR SYSTEM
If you're an ACP user, you already know what to do. You're using Tracker to see where things are being placed. You use SPX to shred sensitive files. You're obviously not using Microsoft products in any way whatsoever (even the EFF is telling you something).
You ensure that cookies aren't tracking you (including LSOs). You don't save passwords in your browser (unless you use a master password). You are clearing your system of old logs, documents, and mail messages. Above all, you're using Truecrypt to store confidential information.
THE GOLDEN RULES OF THE INTERNET
1. Anything you post on the net is there forever.
2. If you want your 15 minutes of fame like this dumb bitch, there is no Undo button once you click Submit.
3. Anything you post on the net is there forever.
I think that pretty much covers almost everything. If you screwed up somewhere and your privacy is blown, you will need to start over back at square one in real life, break patterns, and for the love of your higher being, divorce your real name from the place you sleep. Beware, however: every year it gets harder and harder to maintain your privacy.
Mack Diesel is a technology writer who uses both Mac OS X, Ubuntu, and open source in general.