I employ a specific email address linked to our family site at Ruthenians.net used exclusively when sending email blasts out to an admittedly captive audience of family and friends after I’ve posted either a new item of vital importance and sage insight on our Blog or the latest video masterpiece depicting events from our family exploits and worldwide travails. Nobody ever responds to these messages, so I’m never sure if anyone bothers even to either read the email or view the posts. As a result, keeping this website going is a leap of faith, even for an septuagenarian agnostic anarchist like myself.
So if I only use this unique address for family and friends, how come I keep getting spam from “marketeers” who want me to sign up for penile enlargement drugs, investment strategies, Nigerian banking schemes, Ukrainian brides [I do have to admit that having seen them up front and personal, Ukrainian women are drop dead gorgeous], and online “dating”? Dating? Don’t they know the biological imperative no longer applies to geezers? Seriously, you gotta wonder who is out there watching, what they’re doing with what they see, and more importantly why voices opposing such ubiquitous, unwarranted surveillance have been seemingly drowned out by the trumpeters of false patriotism. Journalist and blogger for The Intercept Glenn Greenwald, he of the select group of whistleblowers that includes Laura Poitras who have been tasked to selectively publish former NSA contractor Edward Snowden’s cache of secret documents purloined right from under the unsuspecting nose of his former employer, recently gave a TED Talk on this very subject titled “Why Privacy Matters“.
Privacy matters because, in Greenwald’s words “everbody understands that we all have things about us that we want to hide and keep private”.
“Over the last 16 months as I’ve debated this issue (of personal privacy) around the world, every single time somebody has said to me ‘I don’t really worry about invasions of privacy because I don’t have anything to hide‘, I always say the same thing to them. I get out a pen, I write down my email address and I say ‘here’s my email address. What I want you to do when you get home is email me the passwords to all of your email accounts. Not just the nice respectable one in your work account, but all of them. Because I just want to be able to troll through whatever it is that you doing online. And read what I want to read. And publish whatever I find interesting. After all, if you’re not a bad person. If you’re not doing anything wrong, you should have nothing to hide.‘ Not a single person has taken me up on that offer.” —- Glenn Greenwald.
Some years ago, after I first got an iPhone and was well into a daily routine of deploying it for utility purposes and my own personal enjoyment, I started to refer to it as “The Oracle”, as in the buddhist Nechung Oracle, because it served as a medium between the natural world and the ethereal Worldwide Web and caused an almost trance-like state among its users. One glance around me during my then morning commute on the Metro proved beyond a shadow of a doubt that the iPhone was a harbinger of a new theology demanding obeisance to The Grid
Okay, I was a fan of the Cyberpunk novels of Willam Gibson and Neil Stephenson, so I was predisposed to view the Web as if it were some ethereal self-aware diety, set into motion by forces determined to exert complete control over our daily lives.
At one point I even ventured so far along this deus ex machina tendril of vision as to commit myself to writing a treatment for a movie script based upon Gibson’s Sci-Fi triple-crown award winning novel Neuromancer, which unfortunatley was lost when the floppy drive on my Osborne 1 computer crashed rendering unusable the floppy disc it was recorded on. The Grid is a harsh mistress.
Zero Day Vulnerable.
So how do we as common innocents, who are otherwise incapable of wrongdoing, unwilling to engage in any traitorous plots, or unwittingly unaware of this ubiquitous surveillance that is vacuuming up the yottabytes of data that define us in the eyes of public agencies like the NSA or private companies like Google and Facebook, how do we luddites keep at bay or at least at arm’s length these predators that prowl the Web and poke into our private lives? What tools and strategies – that when properly configured – can we use to help maintain at least a modicum of privacy?
One strategy is to stay “off The Grid” completely (not to be confused with the mobile food truck movement of the same name that takes over various San Francisco venues each week). Author John Twelve Hawks (a pseudonym) claims to have lived this way, yet has managed to survive and publish four novels. Another author, James Ellroy (a former crony and fellow habitue of Venice, CA – “where the sewer meets the sea” – back in the day) insists that he has never owned a computer, still drafts his visceral noir novels in longhand, including his latest page-turner Perfidia, and employs a pair of canines to protect him from groupies and plagiarists.
A more high tech strategy is to keep up with security updates on your computer, not only for the OS you use, but also for the applications you employ, including those utilized to watch video (Flash, HTML5, Quicktime), play music, view documents, send email, or store files and data on The Grid (Dropbox, Evernote). And then there are the devices that are physically connected to the Grid whose firmware must periodically be patched to fix what hackers call “0-day vulnerabilities” that might allow some unscrupulous geek “right now” in real time to actually take over your router and maybe even activate the camera on your computer and take pictures of you in the raw. Doesn’t that put the fear of The Grid in you?
Yes, upgrading to a new OS is always a bit of a leap of faith. There is only one hard and fast rule. Call it Rule Number One. Always back up your hard disk before you update or upgrade anything. I can’t tell you how many frantic phone calls I’ve received from friends and family complaining about complications or lost data. You can use CNET for tips on what to do before upgrading, which involve running several utilities and OS maintenance routines, completing application software updates, and finally — you guessed it — doing a backup.
The Lowdown On The Upgrade.
Right here I need to say two things. One is to sound a geek alert — a “caveat” if you will. (I first encountered this term in the wild while on a “Mid-watch” – Naval-ese for standing watch at midnight – when a senior watch officer who potentially had his finger on “the button”, burst into the Commcenter with a cable in his fist and demanded to know what “caveat” meant. No shit.) What follows will border on, for lack of a better term, material to make your eyes glaze over and your brain to freeze – sort of like wolfing down an ice cream sundae. The second is to make apologies to Chrome and Windows users.
While I have considerable experience with several versions Microsoft’s OS es (including DOS), I do not speak Chrome (or Android). Having said that, there are resources beyond the scope of this post that can be accessed for security and upgrade tips for those platforms. For Windows, check out the Microsoft Store for the latest release of its OS and links to security patches, being mindful that there is a new Windows OS you can now download for free from Microsoft called Windows 10 (Microsoft skipped a Windows 9 release for some arcane reason). However before you fire up your PC and hit the download button you first might want to read Microsoft’s EULA for Windows 10 because you may be exposing yourself to some troubling privacy issues as reported in a post by Mick Meany at AcclaimedNews.com titled “Windows 10 Might Be Free, But Your Privacy Is Priceless”.
Firstly, it will automatically sync with the Microsoft servers and silently pass along and store information about you including; your browser history, favourites and the websites you’re currently viewing. Mobile hotspot passwords and Wi-Fi network names and passwords are also logged. Cortana, the new personal virtual assistant records and shares everything you do – which allows it to function properly.
Micah Lee over at The Intercept, in a new post titled “Recently Bought a New Windows Computer? Microsoft Probably Has Your Encryption Key”, makes the case that migrating to a new Windows 10 device is even scarier.
One of the excellent features of new Windows devices is that disk encryption is built-in and turned on by default, protecting your data in case your device is lost or stolen. But what is less well-known is that, if you are like most users and login to Windows 10 using your Microsoft account, your computer automatically uploaded a copy of your recovery key – which can be used to unlock your encrypted disk – to Microsoft’s servers, probably without your knowledge and without an option to opt-out….As soon as your recovery key leaves your computer, you have no way of knowing its fate. A hacker could have already hacked your Microsoft account and can make a copy of your recovery key before you have time to delete it.
Still determined to upgrade to Windows 10 but leery of the privacy concerns raised above? Here’s a couple more items to store in the back of your mind; Microsoft, along with Google and your favorite flavor of Social Media are _all_ defense contractors so whatever you post, say, or “Like” gets sucked up and stored on National Security State servers; plus you might want to check out this post on NDTV Gadgets on how to turn off some of the more troublesome features of the new OS.
What follows is an OS/iOS critique for Mac users: what to do, what to use, and where to go for resources. I always upgrade one of my devices to the latest Apple version of the macOS and iOS, but before upgrading I always backup: for iOS to iCloud or a hard disc via iTunes or for macOS using the latest version of Carbon Copy Cloner to completely clone (as in make an exact bootable copy) the hard drive on the machine to be upgraded to an external disc.
iCloud Drive has been upgraded which now allows subscribers to store any kind of file – not just iWork or approved App Store application files to iCloud – much the same as Dropbox, Google Drive and Microsoft’s SkyDrive services have offered for several years now.
However, unlike these latter-mentioned cloud storage services, files stored on iCloud Drive can only be shared on your own devices — not publicly with friends or project collaborators – meaning only you get to see your pictures and video projects on your devices (including the Apple TV) – although for the life of me I do not know why anyone would bother. I’m betting you’re like me; we take pictures and videos to share with others. Where’s the fun in just looking at them yourself? It’s kind of like looking at yourself in a mirror (which I try to avoid at all costs). That could be a good thing if you’re a narcissist, but for me, the whole purpose for taking them in the first place is to share them, правда?. Now at least I can backup my video files to iCloud when I’m on the road. Another criticism of iCloud Drive, besides questioning why it took Apple so long to jump on the cloud storage bandwagon, is that the free storage space of only 5 gigs is pretty stingy especially considering Google and Microsoft are offering twice this capacity for free, although in fairness you can buy additional storage at reasonable prices.
Messages is still pretty much a conundrum, except for SMS but I still have issues getting Messages to sync to my other devices using either macOS’s “Messages” app or iOS’s “iMessage” app. It’s like they operate in two different universes. Even though everything is starting to look the same for both the mobile and desktop environments, appearances are deceiving which tends to confirm (for me) that Apple maybe bi-polar when it comes to internal platform integration. There are third-party messaging environments like Google Hangouts, Skype, and ooVoo that work as well or better.
Then there is Apple’s vaunted Apple Music, an ill-mannered attempt at competing with online music streaming services like Pandora and Spotify. Initially after you sign up for a subscription, you get three months of Apple Music service for free along with free access to Apple’s iCloud-based iTunes Match which ostensibly “matches” media content in your iTunes library and stores it on Apple’s servers so you can access your complete iTunes library from all of your devices. However, what Apple doesn’t tell you is that with iTunes Match, should you desire to change a song’s file format from say an uncompressed AIFF file that you burned from a CD that you own to a “lossless” compressed version like AAC, iTunes Match will also “protect” that new AAC version with DRM copy protection, so that now in effect, only you can listen to that song and you cannot share it with friends or family.
If you had sold the original CD subsequent to burning that song, you’d be out of luck (unless you buy a DRM converter). Plus, should you decide to cancel your subscription to iTunes Match (or Apple Music), all of your converted songs could literally vanish from your hard disk, as James Pinkstone relates in his recent post on Vellum:
”..through the Apple Music subscription, which I had, Apple now deletes files from its users’ computers. When I signed up for Apple Music, iTunes evaluated my massive collection of Mp3s and WAV files, scanned Apple’s database for what it considered matches, then removed the original files from my internal hard drive. REMOVED them. Deleted. If Apple Music saw a file it didn’t recognize—which came up often, since I’m a freelance composer and have many music files that I created myself—it would then download it to Apple’s database, delete it from my hard drive, and serve it back to me when I wanted to listen, just like it would with my other music files it had deleted.”
Bottom line here: don’t bother signing up for either Apple Music or iTunes Match unless you want your music potentially stolen. Besides there are persistent rumors that Apple is going to abandon online sales of music completely within the next couple of product cycles. Plus there is Amazon Music, that is if you want to risk the rest of your privacy.
In the wake of a reported attack on the Apple App Store by Chinese hackers in which contraband versions of Xcode, Apple’s developer platform for creating applications, were used to create malware versions of some popular apps including WeChat, Apple has beefed up the security features of its OS to include what it calls System Integrity Protection (SIP) — better known to developers as “rootless” access — whereby Root Users whom previously had unrestricted access to all directories and files are prevented from accessing certain system files and applications. For Admin users too, macOS upgrades have initially curtailed or completely eliminated the functionality of a number of third party apps that historically have been useful for monitoring system functions like disc and network activity, CPU temperature, etc. causing developers to either publish upgrades or discontinue the affected apps. Additionally, Disc Utility features such as software Raid configuration options, the creation of Disc Images, and “Verify” and “Repair” of permissions have been either eliminated or dumbed down; the latter two features having been usurped by SIP which repairs permissions automatically every time the OS is upgraded and locks out any potential changes in the interim. For the majority of users the mantra “better safer than sorrier” would seem to apply, although increased security here as in The Wild more often than not translates to loss of freedom and functionality.
The Snowden Effect.
I use an encryption program for some email accounts called GnuPG which requires both ends to have it installed and operational in order to enable end to end encryption. It’s very geeky and most of the time I have issues with understanding what goes where and when since using it involves the matching up of encryption keys. But you should consider deploying encryption on email accounts that you access via a stand alone email client like the Mail.app or Thunderbird. You can also subscribe to encrypted email services such as the recently crowdfunded Protonmail located in Switzerland or Canada’s Hushmail which offers both free and fee-based accounts. I guess we can Edward Snowden for this too, since without him we’d still be completely clueless.
When you use laptops in the wild, since portability is one reason why they’re so popular, security is a key issue. Thanks to Mr. Snowden we now know we’re being monitored. Our phones track where we are. So do our laptops. How?
Each electronic device is manufactured and labeled with a code – a serial number. Additionally, computers, servers, routers, switches, access points and devices that connect us to the web also have embedded in their networking cards what is called a MAC address or Media Access Control address; a unique 12 character alpha numeric code consisting six sets of characters separated by colons that looks something like “30:a8:bc:5n:43:x2”. The key word here is “unique”. Your machine will broadcast this MAC address to every device it hooks up to while you surf the Net, which means that you are being tracked and the information you share while you are being tracked is subject to being vacuumed up and used by whomever wants to without your knowledge or approval. This is a fact. So how to you interdict this incursion into your privacy? You spoof your MAC address. There are UNIX commands and Windows Device Manager tips available online that enable an account administrator to temporarily change a device’s MAC address. I do this every time I log into a public network.
You can also use a CGI proxy web server to generate an IP that only shows the proxy server’s IP effectively masking that of your ISP. Or you can use the TOR Network (TOR stands for The Onion Router) using its eponymous web browser to connect to the internet over a private network pathway where TOR:
…incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can’t trace these connections as they pass through.
However be mindful that the Supreme Court has just quietly approved a rule change that would allow a federal magistrate to issue a search and seizure warrant for any target using anonymity software like Tor to browse the internet. So if you use TOR, you could have your computer legally seized or even hacked and all of your browser history and/or files conceivably exposed to public scrutiny.
A great resource for personal privacy tools you can use when surfing online is the Electronic Frontier Foundation, headquartered right here in The City. Check them out and don’t forget to support their efforts in fighting ubiquitous, unfettered, and illegal government surveillance. Also you can cruise over to The Intercept where Micah Lee has recently posted articles on how to encrypt your hard drive and generate secure passwords using Diceware including a lengthy post on setting up and deploying anonymous encrypted chat accounts using Jabber and TOR for just about every flavor of computer and mobile device. Additionally, Mr. Lee has published some tips on how to generate secure passcodes for your phones and computers.
It Knows Where We Are
Recently, I was in a coffee shop near the Civic Center going through my morning “ablutions” of sipping a cup of Sencha and surfing the web, when I grabbed my iPhone and attempted to log on to the shop’s wifi network which by the way is centrally controlled somewhere in Gilroy via a Meraki security system. I received an error message that stated the network I was attempting to access was invalid. That has never happened before, at least to my knowledge. Checking the title line of the access screen on the iPhone I noted that the network address read “applecellphone.us” instead of the usual network broadcast by the shop which is normally “N65.Network-auth.com”. I shut off the wifi network and brought it back up again. This time I again received the same error message with a network address of “ThinkDifferent.us” instead of the normal one. Realizing that my phone’s wifi radio was being redirected to a third party access point located physically somewhere between my phone and the coffee shop’s Meraki network hub I shut off the phone. The NSA?
Next I fired up my laptop and ran through the procedures for spoofing its MAC address but the process failed, several times in a row. After the fourth try, I was able to spoof it’s MAC address and log on to the shop’s network and launch TOR. Checking the memory usage I noticed a spike well over 3.5 gigs, so I shut off the wifi and shut down the machine. Then I rebooted my machine, ran a memory scrubbing app and attempted to spoof its MAC address again. I could not. I checked the memory usage again and it had spiked to over 4 gigs just to load the OS. Something via the previous network connection had been downloaded to my machine and was taking it over. I immediately shut down, took the next bus home, wiped my hard drive, and proceeded to install the old OS from my backup disk.
Everything appeared to be back to normal (whatever that is) until, after launching a TOR session, I checked out the node routes to my secure email service at Protonmail. My usual practice is to request a new connection if even one of the nodes resolves to an address in the US. Well this time the session started with one: 220.127.116.11. And no matter how many times I requested either a new session or new identity, I was routed to the same node address – part of a pool of addresses managed by one Digital Ocean a “cloud infrastructure provider that provisions virtual servers for software developers” – which to me is evidence of very suspect activity. The same node address every time you create a TOR session? My gut feeling is that Digital Ocean obscures (unknowingly or not) subscribers whom are closet NSA collaborators, so consequently I had to wipe my hard disc again and re-install a clean version of the OS. Therefore comrades, if you use TOR, use proxy servers and beware!!! The national security state thinks that you are a terrorist.
Founder and editor of The Intercept, Jeremy Scahill together with his colleague Margot Williams have published an article on their site entitled “A Secret Surveillance Catalog of Government Gear For Spying on Your Cell Phone” which lists dozens of cellphone surveillance devices like The Stingray used by the military and by intelligence agencies some (or all) of which are now being deployed domestically by both Federal and local law enforcement agencies bringing into question whether or not these devices may have been used in a way that violates the constitutional rights of citizens, including the Fourth Amendment prohibition on illegal search and seizure.
”Many of the devices in the catalogue, including the Stingrays and dirt boxes, are cell-site simulators, which operate by mimicking the towers of major telecom companies like Verizon, AT&T, and T-Mobile. When someone’s phone connects to the spoofed network, it transmits a unique identification code and, through the characteristics of its radio signals when they reach the receiver, information about the phone’s location. There are also indications that cell-site simulators may be able to monitor calls and text messages.
Time to both invest in one of those Faraday Bags and follow Ed Snowden’s advice for maintaining personal security when using your mobile devices as posted in a recent interview with Micah Lee for The Intercept. First, encrypt your phone calls and text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. Second, encrypt your hard discs. Thirdly, use a password manager like 1password published by Agilebits.com. Fourth, deploy two-factor authentication on your email accounts. Most email clients support two-factor authentication. And fifth, read Micah Lee’s interview with Ed Snowden (link above).
Win For All
I think it is safe to say I’m no Alfred E. Neuman claiming to have no worries about government surveillance. In fact, a while ago I published a tongue-in-cheek manifesto on Facebook, that posited a UBI — a kind of basic guaranteed income stream or Universal Basic Income for everybody much like activists Scott Santens or David DeGraw propose, and offered strategies on how to make this whole NSA mass surveillance scenario a win, win, win, win for all.
I once made the point that if the NSA is so obsessed with collecting my personal and private data, I could willingly offer it to them for a price, since all my data is copyrighted, say for $500 per item per end user. This kind of program could be extended to everyone and become akin to a “Social Security for All”. Then the NSA could freely share it with their Wall Street backers whom they really work for, who could in turn market this data much like they do derivatives and securitized mortagages or rental contracts to interested investors and corporate entities who then could use the data for the same things they are going to use it for anyway and not be bound by any measly copyright law or governmental regulations.
In fact why not convert the NSA into a private corporation, remove it as a governmental agency, take it away from the auspices of the military thereby shrinking the Pentagon’s budget, and in the process save the taxpayer hundreds of billions of dollars annually? I mean how many terrorists have the NSA actually caught anyway? Fifty? Twenty? Even one? You’d think the neoliberal capitalists behind ALEC would have thought of this privatization scheme already.
It would be a win for the advocates of privatization and the Free Market by allowing unhindered exploitation of everyone’s data for a profit and since the data has been legally bought and paid for there’d be no debate over privacy concerns plus it would stimulate the economy and maybe prove once and for all that we don’t need the Federal Reserve to prop up Wall Street with our tax dollars. Hey maybe we could even turn the Federal Reserve into a banking system that actually services the public. What a thought!
It’s a win for the public sector because governments could then levy taxes on these new profits and help recoup badly needed funds for the country’s infrastructure, public housing, the social safety net, and eliminate student debt.
It’s a win for the taxpayer who could wind up paying a smaller share of taxes in support of ineffective militarized govenmental agencies. And a win for me as I could afford to live in the other Venice and hang out on Saint Mark’s Square. A Quadrafecta!”
The moral of this story — always backup, cover your tracks, and never ever surf the Web near the Civic Center because The Oracle not only knows all, it tells all.
The Daily Llama.
Updated May 29, 2016. Originally posted October 9, 2014.
This work by www.ruthenians.net is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Based on a work at www.ruthenians.net. Permissions beyond the scope of this license may be available at www.ruthenians.net.