What I want to do today is give you a guide on how to better protect your identity without having to become a survivalist hermit.
I'm going to use the KISS Rule (Keep It Simple, Stupid). If the solution is too complicated then chances are that you won't use it. The general rule of thumb is that the more security you use, the more inconvenient it becomes.
Much of your privacy depends on you.
If you are like my 20-year old niece and you post your entire life on Facebook, then you should not bother with anything I mention in this diary. Privacy isn't important to you.
On the other extreme, if you are very paranoid then you should not being using the internet in the first place. You should also not have a cell phone, a credit card, a car with a computer in it, and you might want to start a manifesto that involves something about the 2nd Amendment.
I want to address the majority of you somewhere in the middle. You like modern conveniences, but you don't want to have to change your whole life to protect your privacy.
The first step is to take the most basic measures to protect your computer. Tmservo433 had a great diary describing these basic steps involving a home firewall, good passwords, wireless encryption, and a decent anti-virus.
These are basic things that we should all do before anything else.
I would add to this list making an access password for your smart phone. Yes, it's a pain to have to unlock your phone every single time you want to call someone, but just think what happens if it ever gets stolen. Smart phones are being stolen in record numbers. Most smart phones are set up to automatically access your email, or contain sensitive information that you may not want even your friends to know.
The real reason I lock my phone is because I don't want some punk who just stole it from me to be able to use it.
Think of it like locking your car or your home.
The thing I learned from living in a big city is that you can't make yourself 100% secure from crime. The idea is to make yourself not worth the effort, so a potential thief will look for an easier target.
You can use the same idea for privacy. What's more, these same steps apply not just for preventing NSA spying, but also for preventing identity theft.
Not giving out information goes for more than just Facebook. Be careful with Twitter, Instagram, and whatever other social media might come around.
Don't put online your birth date, where you live, your travel plans, and things like that. Use your head. What do you not want a potential thief to know?
If you are honestly concerned with your privacy and preventing identity theft then you have to know that the easiest way to track someone and steal their identity is through their purchases. So don't use your credit card for small purchases.
It's OK to carry a little cash with you. Really. You are no more likely to get robbed by a stranger for $40 in cash then you are to get robbed for your credit card. However, the person most likely to rob you is your credit card company.
I can't stress this enough.
More advanced methods
Ever wonder how web servers can track your computer when you surf the web?
Check out StayInvisible and mybrowserinfo to see what information your computer is giving away.
If you want to keep web sites from tracking you then I suggest you change your browser to Tor.
The Tor browser is actually just a modified Firefox browser, but one that has been locked down for privacy (for instance, it prevents scripts from running). Also, by using the Tor browser you also become part of the Tor Project.
Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.I am currently using the Tor browser to write this diary. All web activities are encrypted and nearly impossible to track.
Like to surf the web on your smart phone? Then check out The Guardian Project. Their bundle of applications, which include the browser Orweb, do the same thing as the Tor project.
So what's the catch, you ask?
The most obvious drawback is that using the Tor browser is a little slower than using other browsers. Not dramatically slower, but a little. This is much more true for Orweb, which I found to be far too slow for convenience, so I rarely use it.
This problem would go away if more people took part in the Tor project.
There is also the annoyance if you access webmail such as Gmail and Yahoo. It won't recognize your source IP and that will trigger security questions. This is also true for the web site for your bank, among others.
As you know, Google saves and tracks all your searches.
So what can you do about it? Use DuckDuckGo.com.
It doesn't collect any information and it works pretty darn well.
So what is the catch? None that I've noticed. You just have to break the habit.
Securing your email
If you use Gmail, Hotmail, or another cloud-based email account then chances are you have almost no privacy.
And we all know that changing your email account can be a pain in the *ss.
You can move your email account overseas, which makes it harder for the NSA, but still doesn't prevent them from gaining access to it. There are email companies like Silent Circle which will come with encryption and protect your account, but it is rather pricey.
So what should you do?
First of all, don't save old emails. Yes, its nice to have that huge disk quota from Gmail, but you need to go into your trash and sent mail folders and clean them out now and then.
Use Facebook chat, Skype, Googletalk, or MSN? Then chances are you have no privacy protections.
That doesn't mean that you can't chat with privacy. An easy solution is Cryptocat, which comes as an add-in for your Tor browser. All communication is encrypted and open source.
The only catch? Your friend has to have a Cryptocat account as well.
Gibberbot, which works on all platforms, might be what be the total chat solution for you if you don't like the others.
Don't chat much, but do text? Then install TextSecure in your Android phone. Not only will it automatically encrypt your texts, it will also encrypt your old messages.
Secure your data
Let me first say that I don't trust the security of the cloud.
However, if you need to use the cloud, and you are still concerned with privacy, you should consider Mega. One of the founder of this group is Kim Dotcom, one of the founders of Megaupload.
Otherwise the trick is encrypting the local drive. There is all sorts of software for that, including native software if you are using Linux. If you are on Windows or Mac, one solution is to use Truecyrpt.
You can encrypt the whole hard drive, just a partition, or just a USB flash drive.
The catch? You have to remember your password or you will lose access to your data.
Secure voice calls
Yes, just like James Bond.
Unfortunately, I haven't tested any of this software, so I can't tell you from experience how difficult it is to use or what the catch is to use it.
OSTN is made for Android phones.
RedPhone was used by Egyptian protestors to encrypt their calls. It comes from the same developer that made TextSecure.
Jitsi will work on both Windows and Mac computers.
There are several things I must say at this point.
First of all, this is not a complete listing of all the applications out there. These are only the ones I am aware of. More exist, and better ones will exist in the future.
Secondly, if you are easily frustrated then it is likely that many of these applications are not for you.
What's more, I can't promise that you won't run into some problems when you try to use them. These open source applications are "stable", but that doesn't mean they aren't without bugs. You should back up your data and carefully read the instruction before installing them.
Thirdly, there are no amount of steps you can take to ensure your privacy if the NSA really wants your data, short of burning your computer and smart phone in the fireplace. The steps I mention above are designed to thwart random spying by the NSA/corporate complex. More importantly, they also discourage identity theft, a much more common threat.
Finally, there are privacy solutions that involve hardware instead of software, and thus aren't listed here because I wanted to focus on what was free.
My personal attitude towards the NSA/corporate spying comes from the same emotional place that causes me to support Moveyourmoney project.
It's your duty as a citizen to oppose these un-american, un-democratic activities. At the very least you should make their jobs difficult when you safely can.
Leaving your money in a Wall Street bank means that you silently support their efforts to usurp our democratic government. Not trying to protect your privacy means that you've given up trying to oppose the NSA/corporate spying.
Anyone can wear a flag lapel-pin. It takes a patriot to stand up for what you know is right.