Data/Cyber/Cloud Security, Privacy, Website Security, Data Encryption, Malware/Viruses, Open Source Intelligence, Cyber Defence, Data Breaches, Travel Reviews & Photos
On 6th of June 2013 news broke about an alleged government surveillance scheme which claims to have access to emails, VOIP calls, searches and other forms of internet based communication. PRISM has potentially been active for a few years and due to the fact that users are based outside of the US it affects multiple countries and continents.

Reports suggest the US Federal Government has direct access into global internet giants like Google, AOL, Apple, Facebook and more. Naturally these companies have denied the claims or they may have turned a blind eye. True or not, everyones entire lives could be open to eavesdropping or recording by the government.

Even without PRISM vast amounts of data are available or posted without a second thought; like phone records, loyalty cards, bank statements, Oyster card logs and social media. All of this combined can easily reveal details such as age, education, religion, ethnicity, location, past jobs, football teams, political views and even if you are having an affair! Discretion when it comes to posting online is vital.

Some basic tips to help you keep safe are below:

For the wary
Location location location
Each country or political union (think European Union) has its own rules. Switzerland since it is fiercely independent and neutral will make it harder for court requests from other countries. Most mass market service providers are US owned and thus the data is likely to be held in the US. This makes access easier to government agencies since it comes under the Patriot Act or alleged surveillance schemes like PRISM.

Avoid US owned companies and internet giants
Just because your data is in the UK or even the EU it can still be accessed, if the service provider is US owned. Giant providers like Google, Hotmail, and Yahoo Mail do not have the best privacy policies and it is hard to know where your data is based. More private email providers do exist but typically offer a low storage amount or charge. These will often guarantee your data is held in a specific city or country and that staff are vetted. Avoid mainstream search engines. Less well known private ones are out there like Duck Duck Go.

For the cautious
Use a VPN service
VPN services re-direct your internet traffic to a server in your own country or elsewhere. All traffic is encrypted and typically no logs are kept. This means that websites do not see your real IP address and people trying to sniff out data only get scrambled information. Using a VPN provider outside of the EU can sometimes increase privacy since there is reduced co-operation with outside countries. VPNs have been used in China and Iran for years. It is recommended to use a VPN when using public Wi-Fi.

Encrypt your backups
Many backup providers may claim to have 256 bit AES government grade encryption but the encryption keys are usually tied to your username and password. Crack the username and password or the server and it’s a waste of time. Also government agencies can request access to your data and the encryption would be useless. A few, but not many providers, let you specify your own encryption key which is held locally thus cutting out the government or service provider.

For the paranoid
Encrypt your emails
Even if you use a mass market email provider like Google, emails can be made highly private by using an encryption method. PGP programme is very well known but expensive but there are some free encryption tools such as GNUPG and Comodo. Though these are free, setup can be fiddly but once you have set it up it is simple and quick to use. Some strengthened email providers exist with web based encryption. Though it adds privacy it is not as good as DIY encryption, e.g. Open PGP.

Encrypt your phone calls and texts
Use spooks inspired voice and text message encryption because telephone and text messages can be recorded or logged in general or at the Government’s request. From £2-50 a month services are available to heavily encrypt your phone calls, text messages and file transfers. Thus vastly reducing the logging capability at mobile networks and making it next to impossible for government agents to listen into phone calls.

Will these tips help protect me one hundred per cent? Not totally, but it will help you sleep better. Without a massive investment of time, software and hardware your best option is to live like a caveman (i.e. no internet connection) but then your life would be pretty boring!