NSA Black Paper
NSA Black Paper
NSA Black Paper
Im not here to tell you that we are being spied on. That Facebook is keeping track of you and your friends. That Google is storing your searches, your locations, your emails, your browsing history. Everything. That the NSA can listen in on every phone call and read every text message. Everybody knows that. They know it. We know it. We know that they track our every move. We know about their social network profiling and enormous data centers they are building all over the country.
As Ive said before, from Obamas kill switch, to ACTA, SOPA and PIPA, to stasi tactics against people like Kim Dotcom, hardly a month goes by without some major action against Internet users. But its whats going on in the background that you should be worried about. As William Binney, another NSA whistleblower and the agencys former Technical Director, recently told me in the May 2013 edition of our premium service, Sovereign Man: Confidential It was around 2003 when they started putting optical fibers coming into the US through Y-connector Narus devices. Basically these would duplicate the data coming across the Internetone set of packets would go the normal route, the other set would go to NSA facilities. There, they collect all the data coming in through fiber optics, reassemble all the data packets into useable information-- emails, file transfers, etc. and then pass it along for storage. That means they are taking all that data off the fiber optic lines at 20 main convergence points in the US, collecting almost all of the Internet traffic passing through the US. This gets them pretty much control over the digital world. But this is no guide to PRISM or other surveillance programs carried out by governments around the world. No, this Black Paper is about solutions. And weve intentionally kept this as a short list of actionable solutions. No fluff. This Black Paper is about how you can reclaim some of your privacy and integrity in a world of Big Brother surveillance; how you and your friends can give all state surveillance and unwarranted consumer profiling the finger...without them ever knowing where you disappeared.
In a perfect world there would not be government agents spying on you. And youd be able to go about your daily life without worrying about someone reading your emails or text messages. But we are not living in a perfect world, and thus you can always expect the government to do what they have always done throughout history; they lie, they steal, they kill, they spy, and they always strive for more power and more control. The bottom line is; when it comes to your freedom of integrity and privacy, the government cannot give it to you. Because your freedom is not theirs to give. It belongs to you and you alone. If you want it back, you must take it for yourself This Black Paper will help you with that. These are important steps. Please, share this Black Paper with your friends and family, or share this link with your social networks. Now lets take back your privacy. To your freedom,
TIP
But keep in mind when you browse, that if the browsers lock icon is broken or carries an exclamation mark, you may remain vulnerable to some adversaries that use active attacks or traffic analysis.
DuckDuckGo does not collect or share any personal information. I use it myself, and I can attest that the search results are more than satisfying when compared to Googles search results. So go and bookmark https://duckduckgo.com, or better yet install their Firefox add-on in your Tor Browser. Searching on the go? Get the DuckDuckGo app for iOS or Android. But...you are not only actively tracked when you search on Google or watch videos on Youtube. You are also passively tracked when you browse the web through the countless of tracking scripts that you unknowingly run, and cookies that are saved to your computer, when you visit a website. Google Analytics is just one example, and its rare to find a website today that does not have Google Analytics tracking set up. This means that you can be tracked on the majority of websites that you visit, and we all know where this data might end up... The solution? Block the trackers, so that you stay invisible to websites you visit. To do this, install the browser plugins BetterPrivacy and DoNotTrackMe on the Tor Browser that I recommended earlier in this chapter. One final add-on to the Tor Browser that you might want to consider is the NoScript plugin, which blocks javascript on the websites you visit. Ill let the creators explain why this may make sense: NoScript allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your trust boundaries against cross-site scripting attacks (XSS), crosszone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts I know that sounds advanced, but if you want to maximize your browser security then you should give NoScript a try and whitelist only the websites that you trust.
So dont use Gmail or any other common cloud based email service for that matter. All of these companies will hand over your data as soon as a government agency knocks on their door. Now, encryption is all the rage right now, but encryption is only the last step out of three that you need to take to secure your email.
10
The simplest way to get started with encrypting your emails with GnuPGP is to download and install Mozilla Thunderbird along with the Enigmail add-on(check out their Quick Start Guide), along with your offshore email account.
11
12
Its really easy to get started with Cryptocat. Just enter a conversation name and a nick name, and then click connect. To chat with a friend they just have to enter the same conversation name and you will have your own private and encrypted chat room. As the team behind Cryptocat warns though, this is not a perfect solution: Cryptocat does not anonymize you: While your communications are encrypted, your identity can still be traced since Cryptocat does not mask your IP address. For anonymization, we highly recommend using Tor. Cryptocat does not protect against key loggers: Your messages are encrypted as they go through the wire, but that doesnt mean that your keyboard is necessarily safe. Cryptocat does not protect against hardware or software key loggers which might be snooping on your keyboard strokes and sending them to an undesired third party. Cryptocat does not protect against untrustworthy people: Parties youre conversing with may still leak your messages without your knowledge. Cryptocat aims to make sure that only the parties youre talking to get your messages, but that doesnt mean these parties are necessarily trustworthy.
13
14
15
RedPhone
An alternative solution for Android is the free RedPhone app by Open WhisperSystems. Its also open source, and has seen real action when it was (and still is) used by dissidents in Egypt during the recent turmoil. Just install it, launch it, and call a friend, and if they have RedPhone installed you will see a notification asking if you want to upgrade to an encrypted call. One word of caution though: RedPhone only encrypts the traffic between your phone and the other end of the line. As the Tactical Technology Collective says it becomes easier to analyze the traffic it produces and trace it back to you, through your mobile number. RedPhone uses a central server, which is a point of centralization and thus puts RedPhone in a powerful position (of having control over some of this data).
16
17
18
e stablishing residency in some thriving and exotic country as a backup plan or just to build that better life i nvesting in productive farm land that will put money in your pocket when things are going well, and food on your table when the shit hits the fan If you liked this Black Paper on how to give NSA the finger, then I invite you to join me and over a hundred thousand other men and women as we together explore the future of freedom and prosperity in Sovereign Mans free newsletter, Notes from the Field. Click here to sign up for Notes from the Field
19