This Online Self Defense course is designed to teach online security to everyday users. It starts with basics like anti-virus and good passwords, and progresses all the way to using the Tor Browser. The information was compiled by Lebanon Public Libraries in Lebanon, New Hampshire.
The Basics of Protecting Yourself
Assessing Your Risk
We face many threats online today, but have limited time and attention to address them. Performing a risk assessment will aid you in prioritizing your efforts at protection. The threat model for someone worried about the NSA spying on them is very different from someone worried about identity theft or corporations spying on them to sell their information to advertisers.
Every account you have should be evaluated on this table. The darker the red, the more vulnerable you are. For each service ask yourself: how easy is this to compromise, and how big a deal is it if it is? For example, email accounts are frequently compromised (easy to do) and have a big impact because most of your accounts link back to your email. So securing your email should be a high priority.
After you have prioritized your accounts, you need to ask what can be done to proactively protect your account. For example, with email you can enable two factor authentication, use a strong password, and educate yourself about phishing.
Finally, think about what can be done to limit the damage if an account is compromised. For instance, using different passwords for each account will keep one compromise from compromising everything.
Malware is a generic term for MALicious softWARE. There are many different terms for malware. Here are a few terms that you may hear:
- Virus - self-replicating program that can be spread from one computer to another
- Adware - advertising software that installs itself onto your computer
- Spyware - software designed to send information about you to a company
- Scareware - a program that causes threatening messages to pop up designed to get you to buy a product
- Ransomware - software that encrypts your files and threatens to delete them unless you pay a ransom
- Backdoor – software which allows remote access to your device, allowing an attacker to control it.
- Bloatware – extra software installed by manufacturers. It isn’t necessarily malicious, but sometimes can be.
Phishing is a scam using email to get you to click on a malicious link, open an attachment, or provide information. For example, an attacker may send an email that appears to be from your bank that contains a link. Clicking the link will take you to a site that appears to be your bank, but isn't. When you enter your password and account number, you have just given your bank information to an attacker. Spear phishing is like normal phishing, but it uses personal information about you to gain your trust. This information could come from another hacked site, public records, or a data breach of a company that had information about you.
The most important thing that you can do to avoid being a victim of a phishing scam is to learn to identify phishing emails. Here are some things to look for:
- Emails asking for personal information - These will often appear to be from organizations that you do business with. They may say that they need to verify your information for security purposes or use other scary language.
- Emails with links to click on - Scammers often will include links that say they go to one place but actually go to another. For example, if you click on the following link, www.google.com, you will find it doesn't take you where you expect it to. Scammers use this to direct you to their websites to harvest any information (username, password, account number, etc) that they can get you to type in.
- Emails that contain attachments are VERY dangerous - Attachments on emails can contain all kinds of malware and viruses. Simply opening the file can be enough to infect your system. This is the number one source of infection for a new type of virus called CryptoLocker, which encrypts all your files and threatens to delete them if you don't pay a ransom.
So what can you do if you think an email is phishy?
- Never give out personal information in response to an email. If your bank emails you and says that they need to verify your information, call your bank to be sure that the email is legitimate, or go directly to their website using a web browser. Do not respond to the email at all.
- If an email asks you to click on a link, do not do it. Even if it is from someone that you know. It is possible that their email has been compromised and scammers are using it to infect other people. If you want to visit the link, go to a web browser and navigate to the site. This ensures that you are going to the site that you think you are.
- Do not download and open attachments unless they are from someone that you know and you are expecting the email. Even then make sure that you run a virus scan on the file before opening it.
- Forward any phishing emails to email@example.com to report them. Also, contact whatever organization the email claims to be from to alert them of the scam. This will allow them to let others know about the scam.
- After this, delete the email. Do not respond to it.
If you follow these steps, you should be much better protected against phishing scams. Keep in mind that these emails can be extremely convincing.
Although there are many threats on the internet, there are things that you can do which will greatly reduce your vulnerability.
Do your updates! As software companies learn about vulnerabilities, they send out fixes. By not doing updates, you are making an attacker's job easy by letting them use known exploits against you. Any software that is on your computer needs to be kept up to date. For example:
- Your operating system.
  - For Windows, use Windows Update. You can go to http://windows.microsoft.com/en-us/windows/windows-update for more information.
  - For a Mac, you can access updates through the App Store. For more information go to https://support.apple.com/en-us/HT201541
- Java - https://www.java.com/en/download/help/java_update.xml
- Flash - https://helpx.adobe.com/flash-player.html
- Antivirus - If your antivirus isn't up to date, it can't find all of the viruses out there.
- Web browsers - These directly interact with the internet and must be kept up to date.
This isn't a complete list by any means. Every piece of software on your computer needs to be kept up to date or it may turn into an exploitable vulnerability. By using an application's auto-update features, you get the protection without the effort.
If your computer is connected to the internet at all, you need antivirus. Antivirus programs aren't magic pills that eliminate any threat, but they are a powerful tool for ensuring your safety. When looking at Antivirus programs consider the following factors:
- Features - does it provide features like scanning all downloads? What about email attachments?
- Ease of use - are you comfortable with the design and do you find it easy to navigate?
- System resources - especially for older computers, antivirus programs can be resource hogs. Your computer only has so much processing power and memory available. If your antivirus program is taking it all, it can really impact your computer's speed.
- Cost - Antivirus programs range from free to hundreds of dollars. Choose one that fits your budget, but don't overlook free offerings just because they are free. Sometimes they perform better than expensive alternatives.
To help pick out an anti-virus program, check out the following sites:
These organizations test antivirus programs and rank them based on their performance and are extremely helpful for finding the best product for you.
Passwords are absolutely essential to good computer security. Using weak passwords and reusing passwords are some of the most common mistakes that people make. Unfortunately, these mistakes make any potential breach, such as hacking someone's email, much more serious. If you reuse passwords, and there is a VERY good chance you do, then getting your password for one thing often means they have your password for a lot of other things too.
- Long passwords are strong passwords. Adding length to a password makes it much harder to guess than adding complexity. The only caveat here is that choosing a very long dictionary word doesn't help at all. Hackers have files with millions of words and variations on words that their computers can try very quickly to crack a password. This brings us to our second point.
- Passphrases are better than passwords. Choose three to four unrelated (Important!) words and put them together. Make up a story using these words to help yourself remember them. If the site you are setting up a password for doesn't let you use spaces, use dashes or underscores or cram allthewordstogether into one long non-dictionary word. This strategy exponentially increases the difficulty of cracking a password while making it much easier to remember than what we might normally think of as a secure password.
Coming up with a good passphrase
It is important to come up with random words for your passphrase. Here are a couple of ways to accomplish that.
- XKpasswd.net - This site is based on the above XKCD comic. It will generate passphrases for you and has a lot of customization options. However, you are trusting a third party to come up with passphrases for you. The site also includes the Perl code, so if you are technically inclined you can audit the code and run it on your own computer. This is a more secure way to do things.
- Diceware - Diceware is an analog way to generate secure passphrases. Basically it includes a huge list of words, all of which have a five-digit number assigned. You simply roll a die 5 times to get a five-digit number to get your first word and repeat however many times you would like. This site also contains a ton of good information about strong passwords.
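An added example, not from the original course or from the Diceware or XKpasswd projects: the Python sketch below follows the dice procedure just described, using the operating system's random source in place of physical dice, and computes the entropy figures behind the earlier point about length versus complexity. The 36-word list keyed by two rolls is constructed for the example; a real Diceware list is keyed by five rolls and has 6^5 = 7776 words.

```python
import math
import secrets

# Constructed demo list: 36 words keyed by two dice rolls, in the same
# "digits<TAB>word" layout a Diceware list uses (real lists use five rolls).
DEMO_WORDS = (
    "anvil bagel cedar dingo ember fjord gravy hazel igloo jolly kiosk lemon "
    "mango noble otter plaid quilt raven sable tulip umbra vinyl waltz xenon "
    "yacht zebra acorn birch cobra daisy eagle flint gecko heron ivory jumbo"
).split()
DEMO_LIST = "\n".join(
    f"{a}{b}\t{word}"
    for (a, b), word in zip(((a, b) for a in "123456" for b in "123456"), DEMO_WORDS)
)


def load_wordlist(text):
    """Parse 'digits word' lines into {roll: word} and reject incomplete lists."""
    words = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split()
        if set(key) - set("123456"):
            raise ValueError(f"not a dice roll: {key!r}")
        words[key] = word
    if not words:
        raise ValueError("empty word list")
    n_dice = len(next(iter(words)))
    # Every possible roll must map to a word, otherwise some rolls would fail
    # and the remaining words would no longer be equally likely.
    if any(len(k) != n_dice for k in words) or len(words) != 6 ** n_dice:
        raise ValueError("word list must cover every possible roll exactly once")
    return words


def roll(n_dice):
    """Simulate n fair dice with the OS random source (secrets, not random)."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(n_dice))


def passphrase(words, n_words=4, sep="-"):
    """Pick n_words independently, one set of dice rolls per word."""
    n_dice = len(next(iter(words)))
    return sep.join(words[roll(n_dice)] for _ in range(n_words))


def entropy_bits(choices, length):
    """Bits of entropy when each of `length` items is picked uniformly from `choices`."""
    return length * math.log2(choices)


if __name__ == "__main__":
    words = load_wordlist(DEMO_LIST)
    print("demo passphrase (tiny list, illustration only):", passphrase(words))
    print(f"8 random lowercase letters : {entropy_bits(26, 8):5.1f} bits")
    print(f"8 random printable chars   : {entropy_bits(94, 8):5.1f} bits")
    for n in (3, 4, 5, 6):
        print(f"{n} words from a 7776 list  : {entropy_bits(7776, n):5.1f} bits")
```

The figures only hold when the words are chosen by dice or another random source; a phrase a person picks from memory has far less entropy than the calculation suggests.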
Safely Storing Passwords
The reason that people reuse passwords is that there are simply so many passwords required in modern daily life. It is completely impractical to remember them all. Here are some methods for remembering passwords so that you do not have to reuse them.
Write it down
Sounds crazy right? How insecure is that? Well, it is actually better than just using the same password for everything.
- Simplicity - Everyone has access to a pencil and paper
- Secure from hackers - I have never heard of anyone hacking a notebook yet
- Hard to keep up to date - If you try to keep it up to date, you can quickly end up with a jumbled mess
- Must be kept physically secure - Keeping passwords in your wallet or purse means that if you leave it on the bus or at a restaurant, whoever ends up with it now has access to everything. If you keep your passwords at your computer or somewhere easily visible, casual observation can get your password.
- Not very convenient - To always have your passwords with you means that you have to risk losing them. To keep them physically secure means that you may not have them when needed.
This is definitely not an ideal method. It has significant drawbacks, but will at least allow you to not reuse passwords.
A password vault is a computer program that saves your passwords for you in an encrypted format. You use a strong master password to unlock the vault. Examples are KeePassX and LastPass. Many password vaults have other nice features like password generators and browser plugins which allow them to automatically type in your username and password. Some even have mobile apps and work on smartphones. A note of caution: If you are choosing a password vault that offers a cloud sync option to keep your passwords synced between devices, make sure that it offers "zero knowledge" storage. This means that you are the only one who can decrypt your passwords. Employees at the company can't, and hackers who manage to break into the company's database can't.
- Very convenient
- Very secure (security varies by which program you are using, read reviews and pick a good one)
- Often have nice added features such as password generators
- Requires a program to be downloaded onto your computer (or tablet or smartphone)
- Keeping databases synced between devices can be challenging
- Can be challenging on mobile devices
Password Vaults are a great tool and I highly recommend them. They take a little getting used to, and may seem a bit inconvenient at first, but you will quickly get used to them and there are huge security benefits to being able to have strong, unique passwords for every account you have.
Two Factor Authentication
When authenticating your identity (which is really what passwords are all about) there are a number of ways (factors) that can be used. You can rely on something you know (a password, PIN, secret question, etc.), something you have (texting a code to your cell phone or emailing you a code, requiring a hardware key such as a YubiKey, etc.) or something you are (facial recognition, thumbprint, etc.). Most accounts use passwords as a single factor for authentication. However, many sites are now moving to using two factor authentication. This typically means texting you a code when you try to sign in, or in the case of Google, having a smartphone app that generates codes that are needed to log in. This ensures that even if someone steals your password, they can't get into your account without also having your cell phone.
- Extremely secure
- Normally very convenient
- Many sites don't support two factor authentication
- Normally requires a smart phone although there are other types of two factor authentication
If it is available, two factor authentication is by far the best and most secure way to set up your accounts.
Backups protect important information against malicious acts (such as ransomware), accidents (hard drive dies or computer is lost), and disasters (home burns down). The 3-2-1 rule ensures that your backups are protected against all of these. Back up anything on your computer that can’t be easily replaced.
3 copies of your data ensures redundancy. A virus or hardware failure won’t wipe out your data.
2 different types of media means you aren’t storing both copies on the same hard drive. Having one copy on your computer and one copy on an external hard drive or thumb drive means that your computer dying or getting stolen won’t mean you lose everything.
1 copy offsite protects against disasters such as your house burning down or getting flooded. One copy being physically separated means you have a safe copy regardless. Cloud backups are a popular way to get an offsite backup.
Safer Web Browsing
How are you tracked?
There are many ways to track what you are doing on the internet. Most websites use small files called cookies. Cookies store information about you, where you have been, and what you have done. These files are not malicious; they are needed because of the way websites work. When you log into a website, the website needs to be able to remember that you are logged in whenever you visit another page on the site. The way websites do that is through these cookies. The problem is that they can be used to learn a lot about your online behavior. This is even worse when sites use what are called third-party cookies. This is where third party advertisers pay sites to tell them what users are doing. For example, if you log into a social media site, it sets a cookie with your account information in it. This is fine because it means you don't need to log in every time you click a link. However, that cookie stays around even when you navigate away from it and go to an online retailer. If you search for a pair of shoes, the retailer can read the cookie from the social media site and send that site information about the shoes you're looking for. The next time you go onto the social media site, there will be lots of shoe ads waiting for you.
What can you do about it?
There are many privacy enhancing browser plugins that you can install. We talk about those a little later.
We spoke about Malware a lot in the White Belt level. We covered some solutions such as anti-virus programs. This time we'll look at actions that we can take while online to reduce our vulnerability.
Unencrypted Web Connections
These days we often use public WiFi. Whether this is at your public library, your favorite coffee shop, or even a fast food restaurant, it is still risky because people may be snooping on your web traffic. This is possible because many websites do not force an encrypted connection. Ensuring that your connection is encrypted has two benefits. First, it prevents snooping and possibly stealing information (or even worse, passwords and logins). Second, it allows you to verify that the website that you are connected to is the website you meant to go to. If the URL in your web browser starts with http://, then you do not have an encrypted connection. It should start with https:// for it to be encrypted. You can also click on the little lock symbol next to the https to find out information about the encryption used and the identity of the website.
Browsing More Safely
The following actions will make your web browsing much safer and help you to avoid the threats mentioned above.
Always know which website you're on. If you want to download something, always go to the official website of the company that makes the program. For example, if you want to download the free and open source Office Suite called Libre Office, you would go to https://libreoffice.org rather than clicking on any of the other sites claiming to let you download it. They may well have a download link, but that will often download other programs that are at best spam and at worst malware onto your computer.
So how do you know what the official site is?
If you use the search engine DuckDuckGo and search for Facebook, they make it easy. This is what you will see:
Although this doesn't work for every site, it is great for those it does work for. Both DuckDuckGo and Google will also tag ads now. It is always a good idea to avoid ads when considering privacy and safety online.
Here you can see Ads that take you to sites that aren't affiliated with the post office. After passing these you get to the official post office site. If you didn't pay attention to the ads you may end up on a scammy site that asks you for a lot of personal information so you can "apply for post office jobs".
If you download anything, scan it with your anti-virus program. Many programs have this as an automatic option that can be enabled. This isn't foolproof and won't save you if you insist on downloading items from shady websites, but it helps.
Avoid Questionable Websites
There are lots of scammy websites that are full of traps for internet users. The easiest way to avoid problems is to not be there at all. Make sure if you are buying something online that it is a reputable dealer. If you are downloading anything, be EXTREMELY cautious.
Safer Settings for Your Web Browser
Whatever web browser you choose to use, the developers are interested in making it as secure as possible. However, the most secure options aren't necessarily the default options. The screenshots below are from Google Chrome, but all major browsers support similar features. All of these settings are in Chrome's settings menu.
Turn off Third Party Cookies
We talked about third party cookies earlier. Most browsers have an option to not accept these cookies. These help to prevent unwanted tracking across websites.
Set Browser Plugins to "Click to Play"
Plugins are mini programs that allow web browsers to do extra things like reading PDFs or displaying Flash content. They are a potential security problem, and you should only let trusted content run plugins. To ensure this, set your plugins so that you choose when they play.
Disable Unused Extensions
Removing unused extensions helps to remove ways that your computer can be exploited. Even the best software has security bugs. By removing unused extensions, you are preventing these bugs from making you more vulnerable for no reason.
Do not have your browser remember passwords
Web browsers are exposed to all of the nasty things that the internet can throw at them. Modern web browsers operate in a "Sandbox" separating them from the rest of the operating system for better security. With everything out on the internet, it is not a good idea to ask the same browser to remember your passwords. There are much better options as discussed in the last section. This has the added problem of making all of your accounts available to anyone using your computer. It is also possible to view these passwords in clear-text in the settings menu unless you have set up a master password.
These are called different things in different browsers. Chrome calls them extensions, Firefox calls them add-ons, etc. Regardless of what they are called, they add functionality to your web browser. As was already covered, you should uninstall any unused extensions, but that doesn't mean that extensions are bad. They can protect your privacy, limit your exposure to malware, and even lower the amount of bandwidth you use (http://www.silicon.co.uk/e-marketing/adblock-plus-adblocking-network-traffic-172245). Here are a few that help.
HTTPS Everywhere: HTTPS Everywhere is an extension created by the Electronic Frontier Foundation. It forces a site to use an encrypted connection if one is available. This does not guarantee an encrypted connection, because some sites do not offer the option. However, it does ensure that if such a connection is available, you will use it. You can get it here for Firefox, Chrome, and Opera.
Defeating Online Surveillance
Why Care About Privacy?
"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say” - Edward Snowden
You suffer when information breaches occur
LinkedIn, Target, Anthem, Equifax, etc. all had a lot of your data, and they all had major data breaches. By limiting the amount of data that companies have about you, you limit the damage that their carelessness can do. Remember, any time that you put information online, it is now out of your control.
Privacy protects those who need it
There are many vulnerable populations that need privacy to avoid persecution. Depending on where you are in the world, these populations may include domestic abuse victims, members of the LGBT community, human rights workers and many others. Privacy also protects everyday people. Privacy allows a safe space to explore new ideas and ways of thinking without judgement. These ideas can literally change the world. When Thomas Paine wrote Common Sense, he published it anonymously. If his work had been under strict surveillance, he could not have possibly published a pamphlet so contrary to the views of those in power. Librarians refer to this freedom to explore ideas as intellectual freedom and it is impossible without privacy.
Who Wants to Surveil You?
Criminals / Hackers
Your information is valuable. If they can gain access to some of it, they can often get access to much more. A social security number can get you a credit card, or let you file a fraudulent tax return. Your email contacts can give them information to do a targeted "spear phishing" attack which might get them banking information. Even just your name and email address is worth something to them. By limiting the information that is available about you, you limit your exposure to this kind of exploitation.
Information is the currency of the internet. Companies like Google and Facebook would never exist as free services without some way to monetize the service. That way is by selling your information to advertisers. The more comprehensive the profile they have of you, the more targeted ads can become. Some may argue that this is the bargain you make when you sign up for these free services, and in some ways it is true. However, these companies are far from transparent about what information they have, and what they can do with that information. If you have any doubt, try reading their privacy policies and see how transparent they are. You may be willing to trade information for access to a service. However with the use of third party cookies, and super cookies that can track you across multiple websites, many companies are collecting far more information than people realize. Even if we are ok with this, we are still trusting that these companies maintain good security for our information. The history of major data breaches should cause us to question that trust. Finally, we must continue to worry about the advertisers that these companies are selling our information to. There have been many cases recently of malvertising (advertising that results in malware) being shown on many reputable websites. In their quest to maximize profits, companies do not always provide adequate screening of their advertisers. This allows for abuse of the users while the company profits.
No rational person would argue that governments should not be able to gather information on adversaries. We expect our governments to provide for the common defense, and this means knowing who is a threat. However, this does not give a government agency carte blanche to collect any information on anybody they wish. It is quite a stretch to claim that the mass surveillance practices that have been revealed do not exceed the limitations set on these agencies. One reason that these agencies are able to maintain mass surveillance on the population as a whole is that technology has made it so cheap and easy to access lots of information. By enhancing privacy, we make this more expensive and ensure that the government spends its resources surveilling those who are actual threats rather than simply watching everyone.
What You Can do to Make Surveillance More Difficult
- Use HTTPS - this encrypts your connection between websites and your computer. It doesn't prevent someone watching you from knowing which website you connect to or how long you were there, but it does mean that they can't see exactly what was transferred between you and the website. It also helps to ensure that what you are seeing is what the website is sending. This prevents a Man In The Middle (MitM) attack.
- Disable Third Party Cookies in your browser - Cookies are needed for browsing the internet today, but you can ensure that the only cookies that a site is allowed to set are from that site.
- Log out of sites when done - Logging out of a site destroys the session cookie for that site. This keeps other sites from reading the session cookie and learning information about other services that you use.
- Compartmentalize web browsing - Maintaining separate identities (or even completely separate web browsers) for different tasks prevents sites from gathering information about you that they shouldn't have access to.
- Use privacy enhancing plugins for your browser. Three that are useful are:
- HTTPS Everywhere - This forces websites to use the encrypted version if one is available.
- Privacy Badger - This prevents a lot of snooping on your web sessions by third parties.
- uBlock Origin - This is a very good, lightweight ad blocker. It will prevent malicious advertising and lower your bandwidth usage, resulting in faster, more secure browsing.
Better Privacy - Proxies and VPNs
Web proxies forward your traffic, keeping the website from knowing where the connection originates. They do not provide encryption however, and provide no defense against someone snooping on your traffic.
VPNs are similar to proxies except that they create an encrypted tunnel to the VPN server. This protects your privacy when on an insecure internet connection such as at a coffee shop or airport. Both VPNs and Proxies can be found on https://proxy.org. Note that some VPNs keep logs of who connects to them and where the traffic goes from there. Others do not keep logs. These are called anonymous VPNs and are far better for privacy.
Even Better Than That - The Tor Browser Bundle
Tor is a strong anonymity tool that was originally developed by the Navy. It bounces traffic through three voluntarily hosted relays located around the world while wrapping the traffic in three layers of encryption. This ensures strong protection against someone on the receiving end being able to trace the IP address of the sender. Although it isn't the end all, be all for privacy, it is a very strong tool. The Tor browser bundle can be downloaded from https://torproject.org. It works on all platforms, including mobile phones.
Best Protection - Secure Operating Systems
For the best possible protection for your privacy, you can use a secure operating system. These operating systems are designed to replace current operating systems (such as Windows or OSX). They have privacy and security baked in from the ground up and are much more secure than most systems that people are more familiar with.
TAILS - https://tails.boum.org/
The Amnesiac Incognito Live System is an operating system that is designed to be run from a USB drive. It leaves no trace on the computer that it was run on when it is removed. It forces all internet traffic through the Tor network and is excellent for preventing many of the deanonymizing attacks that have been used against Tor users in the past.
Qubes - https://www.qubes-os.org/
Qubes is a very interesting project that is under heavy development. It enforces the concept of segregating identities by using a separate virtual machine for each role. This allows you to effectively do all of your banking from one computer, while having a second for casual web browsing, a third for work related email, a fourth for downloading music, etc. This provides excellent security, but takes a fair bit of resources to run well. It isn't recommended for older hardware.
Subgraph OS - https://subgraph.com/sgos/index.en.html
Subgraph OS is only available as an alpha release (early testing) right now, so it probably isn't suitable to use on a daily basis, but it looks very promising. It is designed to be installed on a computer and act as your primary operating system while having some of the best security features that TAILS has. If you are daring, try it out! If not, keep an eye on this project because it shows a lot of promise.
Right now, we use online communication for many things. We may email our doctor, our lawyer or our bank. We may chat with friends and family. What many people forget is that we are doing all of this in full view of everyone else between us and our recipient. This could be your network administrator, your email provider (Gmail, Yahoo, etc.), your internet service provider, or others. It is more accurate to think of an email as a postcard than as a letter right now. Encryption is like putting an envelope on your letter. Everyone can still see where it is going, and who it came from, but they can no longer read the contents of the letter. Not only does encryption protect your privacy, it also makes sure that your messages aren't tampered with. You are able to "sign" messages, even unencrypted ones, in such a way that people can verify that the message that you sent is the one that they are reading. This has advantages outside of emails. For example, when downloading software, you can make sure the software hasn't been tampered with if a company provides cryptographic signatures along with its software.
Public Key Encryption
The type of encryption that we will be talking about is called public key encryption. It solves a very difficult problem. How do you have a shared key to decrypt a message without a method to securely exchange a key? The answer is to split the key into two parts.
One key only encrypts. This is called a public key and can be shared with anyone. Through some clever math, it is not possible to decrypt a message if you only have the public key.
The second key is called a private key. This should not be shared with anyone. It allows you to decrypt messages that are encrypted with your public key.
If you want to learn more about the math involved, check out the Gambling with Secrets series from the Khan Academy. It can be found at: https://www.youtube.com/playlist?list=PLB4D701646DAF0817.
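The two-key idea and the "signing" described above can be seen in a few lines of arithmetic. This is an added example, not part of the original course or of PGP itself: it uses a toy RSA key pair built from two small well-known primes, and the sample message is constructed.

```python
import hashlib

# Toy key pair from two Mersenne primes (constructed for this example).
# Real PGP keys are thousands of bits long and add padding; never use this for real data.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                            # the modulus, part of both keys
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent; computing it requires P and Q

PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)

def encrypt(message: bytes, public_key) -> int:
    e, n = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(ciphertext: int, key) -> bytes:
    exponent, n = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes, private_key) -> int:
    # Signing transforms the message digest with the PRIVATE key.
    d, n = private_key
    return pow(digest(message, n), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    # Anyone holding the PUBLIC key can check the signature against the message.
    e, n = public_key
    return pow(signature, e, n) == digest(message, n)

NOTE = b"meet at 6pm"                # constructed sample message
SEALED = encrypt(NOTE, PUBLIC_KEY)   # anyone can do this with the public key
SIGNATURE = sign(NOTE, PRIVATE_KEY)  # only the key owner can do this
```

Decrypting SEALED with the private key returns the note, applying the public key a second time does not, and changing a single character of the note makes verify() return False.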
You can set up encrypted emails using any email provider. The basic idea is that you encrypt the email before you send it to their servers, then your recipient decrypts it after getting it off their servers. This means that your email provider, ISP and others have no chance to see the unencrypted message. To do this, we need to install a couple of things on our computer. All of these tools should work on any computer.
Thunderbird is an email client similar to Microsoft Outlook. It is available for free from https://www.mozilla.org/en-US/thunderbird/. This program will download your email from your email provider's servers and upload emails that you send. Setting up your email accounts on Thunderbird is beyond the scope of this lesson, but instructions can be found at https://support.mozilla.org/en-US/products/thunderbird/emails-thunderbird/set-up-email-thunderbird. Download Thunderbird, install it, and set up your email accounts on it. When this step is complete, you need to get something to encrypt your emails for you.
Just like the web browser Firefox, Thunderbird lets you install add-ons that extend its functionality. The Enigmail add-on lets you use PGP (Pretty Good Privacy) Encryption. Don't let the modest name fool you. This encryption is very good. You can download Enigmail from https://addons.mozilla.org/en-US/thunderbird/addon/enigmail/. The first time you start Thunderbird after installing Enigmail, a setup wizard will automatically start. The standard settings will work fine for most people. If you want more information about setting up Enigmail, check out https://enigmail.wiki/.
Things to note:
- When generating your key pair, use the largest possible key size. That is the most secure. It may take a little longer to generate, but that is a one time thing.
- Use a very strong passphrase to secure your private key. This ensures that even if someone manages to steal your private key, they won't be able to use it. For hints on setting a good passphrase go to https://www.leblibrary.com/node/875#passwords.
- Keep your private key safe!
Upload your public key
Next you can choose to upload your public key to a keyserver. There is a network of keyservers around the world that store people's public keys. This is optional, but a lot of people do because it makes it easier for people to email you securely.
Spread the word
The biggest drawback to encrypted email is that it only works with others who are set up for it. So spread the word. You can exchange public keys with your friends. That brings up the next step.
Have a Key Signing Party
Encryption not only provides privacy, it also verifies that the person who sends you an email is who they say they are. This requires a way to establish trust. In gpg encryption, we have the concept of the "Web of Trust." Basically, after I verify that your public key actually belongs to you (by actually talking to you and having you read me your key's fingerprint), I can then cryptographically sign your key. By doing this, I am stating that your key is legitimate and that it belongs to you. If anyone who knows me but not you then wants to email you, they can see my signature on your key and trust that it is legitimate. A key signing party is when a group gets together and all verify and sign each other's keys. This helps to extend the web of trust.
For more information, check out the Free Software Foundation's Email Self Defense at https://emailselfdefense.fsf.org/en/.
Tails and Tor
The Tor project creates some of the best privacy tools that are available today. Although Tor isn't a one-shot privacy solution, it is an extremely powerful tool for enhancing privacy and anonymity online. The TAILS operating system is a complete operating system that forces all internet traffic through the Tor network. Using these tools allows people to take back control of their privacy online. However, like all tools, they cannot help if they aren't used properly. Thus, it is important to have a good understanding of how these tools work in order to use them properly.
Threat modeling simply means figuring out what threats you are likely to encounter and then coming up with plans to mitigate the most likely and most harmful attacks. Everyone should have an idea of how they are vulnerable. To begin, look at all your devices that are connected to the internet. They are all potential areas of attack (attack surfaces). If you consider what kind of information each device has and what it would mean if it was compromised, you will start to develop a personal threat model. Now do the same thing for all of your online services.
We will look at an email account as an example. We want to ask three questions for every service.
How vulnerable is it?
- Do you have a good password?
- Is that password used in other places (will the compromise of a different service compromise this account)?
- Do you use Two Factor Authentication?
- Are the answers to your secret question easy to guess, or find out from online sources?
- Would someone who knows you well be able to answer them?
How likely is it to be attacked?
- Is your email address publicly available?
- Do you use this email address to register for other online services?
- How often are email addresses compromised? (hint: all the time)
What are the consequences of it being compromised?
- Do other services allow password resets using this email address (can the compromise of this email address then compromise other services)?
- What personal information has been sent through your email? Tax returns? Bank statements? Medical information? Client information? What would an attacker get access to if they break into your account?
- Who else might be compromised using this account? Could an attacker use this account to send phishing emails to friends? Relatives? Elderly grandparents?
- What would not having access to this email account mean to you personally?
- What would not having access to this email account mean to you professionally?
Once you have considered these questions you can start to make plans on how to reduce your attack profile and mitigate the harm if it is compromised.
For example, to reduce your attack profile you could:
- Use a strong, unique password for this email account
- Use two factor authentication
- Set up alerts for new logins
- Use account aliases to sign up for services. Use throwaway accounts to sign up for things you don't want to receive emails from.
- Use non-obvious answers to secret questions (e.g., What city were you born in? Purple).
And to reduce the severity of a compromise:
- Use encrypted email whenever possible (then a compromise won't compromise the information contained in emails)
- Don't store important information in your email
- Back up important contacts/information
This won't make this account invulnerable to attack, but it will make it significantly harder to attack, and will diminish the damage done if it is. Remember, security is a scale, not a binary. It isn't that a service is secure or not secure. It's that a service is more secure or less secure. Your goal is to make everything more secure. Using tools like Tor and TAILS helps to make things much more secure.
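The questions about reused passwords and password resets can be worked through for a whole set of accounts at once. The following is an added example, not part of the original course: the account names and password labels are constructed, and it assumes the first compromise is a leaked password, that a reused password opens every account sharing it, and that controlling a mailbox lets an attacker reset the accounts tied to it.

```python
# Constructed sample inventory. "reset_via" is the mailbox that receives password
# reset emails for the account; two accounts with the same "password" label reuse a password.
ACCOUNTS = {
    "personal-email":  {"reset_via": None,              "password": "A"},
    "bank":            {"reset_via": "personal-email",  "password": "B"},
    "shopping":        {"reset_via": "personal-email",  "password": "C"},
    "old-forum":       {"reset_via": "throwaway-email", "password": "A"},  # reuses the email password
    "throwaway-email": {"reset_via": None,              "password": "D"},
}

def blast_radius(accounts, leaked):
    """Accounts an attacker controls after learning the password of `leaked`."""
    password = accounts[leaked]["password"]
    # Step 1: password reuse. The leaked password opens every account that shares it.
    reached = {name for name, acct in accounts.items() if acct["password"] == password}
    # Step 2: reset chains. A controlled mailbox can reset any account tied to it.
    # (A reset does not reveal the old password, so it does not trigger more reuse.)
    changed = True
    while changed:
        changed = False
        for name, acct in accounts.items():
            if name not in reached and acct["reset_via"] in reached:
                reached.add(name)
                changed = True
    return reached

def rank_by_consequence(accounts):
    """Accounts ordered by how much falls with them, worst first."""
    return sorted(accounts, key=lambda name: (-len(blast_radius(accounts, name)), name))

# The same inventory after giving the forum its own unique password.
FIXED = {**ACCOUNTS, "old-forum": {**ACCOUNTS["old-forum"], "password": "E"}}
```

In the sample inventory a leak at the forum takes the email account, the bank and the shopping account with it; in FIXED the same leak stops at the forum.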
Segregation of Identity
One way that you can reduce the impact of an account getting compromised is to practice Identity Segregation. This means that you separate your accounts/activities into various identities and do not allow cross contamination between them.
For example, you may have an identity you only use for financial transactions. For this you might have a special email address with a very strong password. You would not use this email account for anything else, and would never post it online. You might choose to download, and then delete all emails to this account so that any compromise would not compromise any of your financial data. Perhaps you decide that to provide the greatest protection, you only want to access your banking information on a particular computer and do nothing else on that computer. Perhaps that is too far, but you still want security, so you decide to only use Chrome for banking and Firefox for general web browsing. Or you might simply have different identities within Chrome. Modern browsers allow you to maintain and sign into different identities with different shortcuts, browsing histories, etc.
Each of these choices affords different levels of security. It is up to you to decide which is appropriate based on your threat model, tolerance for inconvenience, and comfort with risk. Someone very risk averse may tolerate more inconvenience for more security. Someone with no concern for their data might dispense with good security practices for the sake of convenience. Most of us will fall somewhere in the middle. Tails and Tor help with Segregation of Identity by breaking the link between different activities and making it very difficult to track you across multiple websites on the Internet.
What is Tor?
Tor is a protocol that wraps your web traffic in three layers of encryption and bounces it through three randomly chosen servers (called relays or nodes) around the world. This prevents the website on the other end of the connection from knowing who you are or where you are connecting from.
The main way to use the Tor network is by downloading the Tor Browser Bundle (you can get it from https://www.torproject.org/download/download). This modified version of Firefox will work on all operating systems.
What does it do?
- The Tor Browser Bundle will route all of its traffic through the Tor network. This ensures anonymity and privacy while browsing by preventing websites from knowing your IP address.
- It will establish a new circuit through three randomly selected Tor nodes for every new website you connect to. This will prevent tracking across multiple websites.
- The Tor Browser bundle includes the HTTPS Everywhere and NoScript add-ons. These ensure you are using end to end encryption if it is available and prevent certain attacks and tracking methods from being used against you.
- Using the Tor Browser Bundle makes you look like everyone else using an unmodified version of the Tor Browser Bundle. This prevents fingerprinting attacks where websites can figure out who you are by the unique configuration of your browser even if you aren't logged in to the website. (To find out more about browser fingerprinting, visit https://panopticlick.eff.org).
What does it not do?
- Tor does not provide end to end encryption. Once traffic has left the exit node (the last link in the chain) it is outside of the Tor network and Tor cannot encrypt it anymore. This is why it is important to use https in addition to Tor.
- Tor does not prevent you from revealing information about yourself. If you log in to a website, that website will then know who you are. Tor helps to prevent your privacy from being compromised without your knowledge or consent, but can do nothing if you voluntarily give out your information.
- The Tor Browser Bundle does not force all traffic through the Tor network. Other applications on your computer can still connect outside of the Tor network. The Tor Browser Bundle can only route its own traffic through the Tor network.
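The three layers of encryption from "What is Tor?" and the exit-node limit in the list above can be traced in a small simulation. This is an added example, not code from the Tor Project: the relay names, destination and request are constructed, and the SHA-256 keystream cipher is a stand-in for Tor's real cryptography and circuit setup.

```python
import hashlib
import json
import os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(path, keys, destination, request):
    """Client side: add the exit relay's layer first, the entry relay's layer last."""
    forward_to = path[1:] + [destination]        # where each relay must send the cell
    cell = request
    for relay, next_hop in reversed(list(zip(path, forward_to))):
        layer = json.dumps({"next": next_hop, "data": cell.hex()}).encode()
        cell = keystream_xor(keys[relay], layer)
    return cell

def route(path, keys, cell, client="client"):
    """Each relay removes one layer; record the only two things that relay learns."""
    seen, came_from = {}, client
    for relay in path:
        layer = json.loads(keystream_xor(keys[relay], cell))
        cell = bytes.fromhex(layer["data"])
        seen[relay] = {"from": came_from, "to": layer["next"]}
        came_from = relay
    return seen, cell        # cell is now what the exit relay hands to the website

PATH = ["entry", "middle", "exit"]               # constructed relay names
KEYS = {relay: os.urandom(32) for relay in PATH} # one key shared between client and each relay
REQUEST = b"GET /search?q=symptoms HTTP/1.1"     # constructed request sent without https
ONION = wrap(PATH, KEYS, "example.org", REQUEST)
SEEN, DELIVERED = route(PATH, KEYS, ONION)
```

SEEN shows that the entry relay knows the client but not the destination and the exit relay knows the destination but not the client, while DELIVERED is the readable request at the exit relay, which is why https is still needed.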
What should you avoid doing while using Tor?
- Torrenting - torrent clients are well known for making direct connections outside of Tor. This breaks any anonymity you might think you have and reveals your real IP Address.
- Adding plugins or Add-Ons to the Tor Browser - plugins such as Flash and QuickTime can be exploited to break Tor's anonymity. Other add-ons are not tested by the Tor project and could break your anonymity as well. Additionally, installing add-ons makes your Tor Browser unique, which eliminates the fingerprinting defense mentioned earlier.
- Opening downloaded files while online - It is possible that anything you download could contain malicious software that could break your anonymity. If you must open downloads, do so offline. An even safer solution is to use a virtual machine with networking turned off. To find out more about virtual machines go to https://www.virtualbox.org/.
The Amnesic Incognito Live System (TAILS)
One of the problems with using the Tor Browser Bundle is that it can only secure the web browser. The rest of your operating system is as vulnerable as any other and other programs can make their own connections to the internet without using the Tor network. One very good way to address these shortcomings is to use a completely different operating system that has been designed from the ground up for privacy and anonymity.
Amnesic - It leaves no trace on your computer so everything is forgotten when you quit
Incognito - It forces all network communications through the Tor network, providing strong anonymity protections
Live - It is designed to run off of a "live" usb drive. This means that the operating system doesn't touch your normal hard drive.
TAILS is great because:
- It uses state of the art encryption for files, emails, and instant messaging
- It leaves no trace on the computer it is used on.
- It gives strong privacy protection by forcing all traffic through the Tor Network
- It is a mobile operating system that can be carried on a keychain and used anywhere
You can download TAILS from https://tails.boum.org/.