Article Image

IPFS News Link • Surveillance

What is Your Computer Hiding From You?

• The Daily Bell

In July 2013, GCHQ, Britain's equivalent of the U.S. National Security Agency, forced journalists at the London headquarters of The Guardian to completely obliterate the memory of the computers on which they kept copies of top-secret documents provided to them by former NSA contractor and whistleblower Edward Snowden.

However, in its attempt to destroy information, GCHQ also revealed intriguing details about what it did and why.

Two technologists, Mustafa Al-Bassam and Richard Tynan, visited Guardian headquarters last year to examine the remnants of the devices. Al-Bassam is an ex-hacker who two years ago pleaded guilty to joining attacks on Sony, Nintendo, and other companies, and now studies computer science at King's College; Tynan is a technologist at Privacy International with a PhD in computer science. The pair concluded, first, that GCHQ wanted The Guardian to completely destroy every possible bit of information the news outlet might retain; and second, that GCHQ's instructions may have inadvertently revealed all the locations in your computer where information may be covertly stored. – The Intercept, Aug. 26, 2015

A good question arose in the comments to our Thursday story about U.S. border agents searching and seizing laptop computers. Can't people simply store their data on the cloud to keep it safely from government hands?

Let's think this through. Say you have a few megabytes of data that you wish to keep private. Nothing illegal, just private. You want to access your data after you cross outside U.S. borders. What are your options?

2 Comments in Response to

Comment by Powell Gammill
Entered on:
1. It is very unlikely the NSA can decrypt (break) modern encryption software. That is why they want to insert back doors into everything.

That said, people are creatures of habit and passwords are often easy to guess at based upon common traits people pick and knowing information about the person being hacked. They also are lazy or forgetful and use the same password and short and simple ones. Or write it down.

2. This is why you use a secure password manager to keep your passwords using only a master password. Use that master password no where else. Make it a random one of ascii characters of reasonable length.

3. Cell phone security is a joke. By the time you get a good password entered the person has hung up. Also the processors are weak so then too is any encryption.

4. The easiest way to steal your password is to gain access to your PC and place a keylogger on it that records and transmits every keystroke. That is what the government prefers to do a "sneak and peak" burglary.

5. This article is a non-article typical of the Daily Bell. Windows 8.1 and especially 10 transmit much data (some would argue EVERY keystroke) home to MS. We already know that is certainly intercepted by the NSA. Lesson: Use some other OS. Preferably an open source one that can be examined by people who know what mal-intent code looks like. Don't forget popular apps (any app really) such as Office apps or browsers can surreptitiously transmit the same.

6. Recommend full drive encryption of all hard drives using the same or a different (if you can remember two) master password. This can complicate backups. But it is not too bad if your network is a home network. Again open source encryption makes more sense to me.

7. The cloud is fair game for snooping as far as the government is concerned. Whatever you put into he cloud is public domain. So it had better be encrypted. Strong encryption.

I could go on and on about securing browsers, email, Internet connections, ....

Comment by PureTrust
Entered on:

First, get a second computer that never connects to the Internet, or directly connects to your Internet computer.

Second, wipe the drives of both computers on a regular basis.

Third. Use encryption as necessary, encrypting info to a small flash drive, work off the drive itself when creating files. Store them on the non-Internet computer. Wipe the Flash drive when finished.

Fourth. Never create any files on the Internet computer except, possibly, what you download from the Internet. Remember, you can download directly to your flash drive.

Fifth. Download a program like Ccleaner or Wise that you can use to delete all kinds of hidden things on your computer.

Encrypt, encrypt, encrypt. Wipe, wipe, wipe.



midfest.info