I’ve been thinking on various issues around privacy for hactivista or whistle blowery doings for a while.
The Ed Snowden story has made it more relevant once again. There are heap loads of tutorials aimed around technology and kit, but it seems that there’s very little with regards to behavior.
Truly taking advantage of being anonymous online and beating interweb surveillance is possible and can require special technology, but this angle tends to get nearly all of the emphasis while other aspects are mostly, if not entirely, ignored.
People are used to plug-n-play solutions, forgetting that with ease you give up autonomy. Specialized kit helps, but that’s just part of the recipe. To get cooking, you need a tidge of resourcefulness, a dash of creativity and a modicum of situational awareness.
This is the area of the battle I bang on about. Anonymity isn’t gear, it’s behavior, or the adoption of “disposable anonymity.” The following are computer/mobile agnostic ideas. I believe any device, service or system can be used with these concepts, and if employed properly (as many have done) you’ll stand a better chance of coming out unscathed on the other side.
- Successful anonymity is set up in advance. The methods and tools must be set up in advance. You may be thinking you’re doing something that you don’t want getting in the wrong hands, but hey, it’s not likely to happen to you. Or maybe you think, “selfie, this isn’t that controversial, just relax.” And maybe it isn’t, but then things take a turn to where it is. Too late. Set up the method and tools in advance, and be able to switch to them on a dime. Setting up takes time and effort because you want to create your anonymous system anonymously. And once it’s been used for a while, or for something hot, you’ll want to ditch it and then you’ll have to start again.
- Keep it short. As I’ve said in training sessions and in posts elsewhere, you don’t need to be anonymous all the time, and it’s both futile and exhausting to try. Short, focused bursts work better and create more opportunities. Jean-Marc Manach puts it well in Fifteen Minutes of Online Anonymity.
- Know your enemy: Who doesn’t want this information getting out, and what resources do they have to identify who has done it? Research it. If this involves your place of work, how is activity monitored, and what are the holes? How can you bypass it? There are some systems in development, and others that are further along, but you may not want to wait for that, or they may not be suitable for the level of network monitoring you’re dealing with. Gawker has some interesting advice on how to get things to them. Behavior works better because what you want to do first is remove your activity from the monitored network as quickly as possible. Find ways to print, copy or move the content out through the most generic method possible and do the rest within your anonymous setup.
- Understand it’s about correlation. Digital surveillance is about tracking transmissions and devices. Quite often, the point is to pick out signals in the crowd that look strange and correlate patterns from a particular device or communication service with the real-world person who’s likely behind it. You want to keep your signal from standing out in the crowd, and keep that signal and device from being correlated with the real-world you.
- Your identity is now your cover. Some people advocate keeping as small a digital footprint online as possible. For a growing number of people, especially those born more recently, it’s too late for that one. And it looks “suspicious” to various paranoid agencies. You can be suspect now for what you’re not doing online. Make a really public web profile tied to your real name. Publish on it all the time. Keep it easily findable and search engine indexable. Give ’em something to look at while you’re doing something else. Create a new you, using different tech, on different platforms and with different behaviors.
- Use entirely different hardware. For that bit of hactivism or whistle blowing that needs to happen, don’t use the home computer with all your family photos and auto-linked Facebook updates and other associated social tat. Find cheap, disposable used tech (bought with cash), reformat it, set it up with the minimal things you need to do the action, and then wipe it, reformat it and prep it again (or wreck it and get rid of it if that’s how drastic things are). Don’t invest much dosh in gear for this kind of activity, or you’ll miss it should it need real anti-forensic destruction.
- Use entirely different habits. Tor may give you anonymity, but making sure you’re not some place with CCTV watching you at your usual WiFi cafe at the same time that some activity took place is a big step in the right direction. Having a reason for not being where people expect you to be is another. Connect from different locations at different times than you normally do. Set up scripts that will future post to your public profile while you’re in your other one. Use programming, not services, for future posting (to Twitter, your blog, etc.) to obscure what’s going on. Don’t connect from your home IP address. Don’t make mobile calls from the same area where you use your normal phone.
- Use open source anonymity apps and software. I’ve not seen paid-for options that work better, and if over-used or used incorrectly, the same dangers exist, so save your money for that upcoming asylum case. Open source is peer-reviewed. It’s got people testing it from every possible angle. Its creators are held to account to users instead of shareholders. When it’s been compromised, the developers are quite often much quicker to let users know than companies creating technology that may need to issue refunds, or suffer stock losses for bad news.
- Obscure the meta data. There are a lot of programs out there that will remove file data that relates to your identity. Success here varies. But if you’re using computers, cameras and systems not at all related to your identity, and transmitting the files using disposable accounts, then you’re going to need to worry about this less and less. There are different methods to wipe a file’s meta data. There is no one way that works on any data for any file. If your fingerprints are all over the meta data on a document, you may want to print it (not on your printer), scan it in on another machine and use the scan, which doesn’t contain legacy data.
- Stay focused. Now that it’s all set up and you’ve started… download nothing, click on nothing you didn’t already plan to, do nothing that’s not related to the activity that requires this level of anonymity and privacy.
- Encrypt everything. Encryption works. Eventually, if what you’re doing is really about something, it becomes news. Once that happens, agencies have the forensics to work backward to find where it came from. Journalists are a good target for governments to start with. Leakers rely on them, their names are public, they often use systems that run through big corporate networks, and it’s easy to get the records. They’re usually crap at digital security, as well. Establish end-to-end encryption to leak information with your journo through the channels you choose and set up. Don’t expect them to do it for you. A method: maybe contact them through a throw-away email account accessed through Tor with a sample of what you’ve got. If that grabs their attention, set up an end-to-end encrypted phone or chat and SecureText a link to an encrypted file sharing space where they can download the goods.
- Tidy up: Wipe, damage and dump everything. Don’t visit the tech, software or user accounts again. Keep all the files somewhere on an encrypted drive not connected to anything you’ve got. Remember it’s there, but don’t access it unless it’s needed.
Or maybe just going on the lam doesn’t sound like as much work as the above.