Avoiding Internet Surveillance: The Complete Guide

Dann Albright, On 25^th January, 2015

Internet surveillance has been a hot topic in recent years—we’ve talked about it extensively here at MakeUseOf, it’s been brought up on major news outlets daily, and we’ve seen a slew of new apps, extensions, and products aimed at helping you retain your privacy online.

This article is meant to be as comprehensive a resource as possible on avoiding Internet surveillance. We’ll talk about why Internet surveillance is such a big deal, who’s behind it, whether or not you can completely avoid it, and a wide range of tools that will make you harder to track, identify, and spy on.

Why Worry About Internet Surveillance?

Before we get into the details of avoiding Internet surveillance, we should discuss exactly what sort of surveillance we’re talking about and why you might want to dodge it. Unless you’ve been living under a rock for a few years, you’ve heard about Edward Snowden and the documents that he released detailing surveillance programs run by the US National Security Administration (NSA) and the UK’s Government Communications Headquarters (GCHQ).

One of the most commonly discussed programs is called PRISM, and it allows the NSA to collect data from the servers of US service providers, including Microsoft, Apple, Google, Facebook, Yahoo!, and others. Anything you have stored on someone’s servers is potentially at risk of being collected and analyzed (to get the details, check out this article on everything you need to know about PRISM).

Other programs, like FAIRVIEW and STORMBREW, collect all traffic heading through a specific gateway or router. In both cases, there’s a wide variety of information that could potentially be collected, from browsing data and history to emails, chats, videos, photos, and file transfers. There are many others as well, including the recently revealed XKEYSCORE, which could make sure that you’re on the NSA’s watch list if you search for privacy-related things like secure Linux distros or virtual private networks (VPNs).

Of course, the US and the UK aren’t the only countries collecting data on citizens—it happens all over the world. It just so happens that we know the most about what’s going on in these two countries. And governments aren’t the only ones who are watching your movements online—this information is very valuable to private companies as well. While they won’t be reading your emails, they may track your browsing activity, social networking habits, the apps you use, and information about your friends.

While this information is collected by private companies like social networks and retailers, it’s certainly possible that it will end up in government hands, either through programs like PRISM or through court orders to hand the data over. The same goes for the data collected by your Internet service provider, which you might not even know about (much like users of Telstra had no idea their browsing habits were being logged and sent overseas).

So why might you want to keep governments and companies from getting this sort of information? There could be a wide variety of reasons: you’re a proponent of digital privacy, you’re worried that you could face discrimination or harassment because of your online activity, or because you feel that it violates human rights. All of these are perfectly good reasons for avoiding Internet surveillance.

If you’ve read this far, you’re probably already committed to the idea. However, there are a lot of people out there who believe they don’t have to worry about surveillance because they don’t have anything to hide. If we have a right to privacy, however, this argument is invalid. To find out more about why this argument just doesn’t work, you can read the section on it in my article about the Don’t Spy on Us event.

Now that you have a better understanding of exactly what it is that we’re trying to avoid here, we can get into the details!

Hide Your Browsing Data

More than almost anything else, your browsing habits define you as an online entity. The sites you go to, the ads you see, the links you click—they all create a footprint that’s specific to you and your interests. Even if you don’t use your browser to access disreputable or dangerous sites, concealing this information could be valuable to you, especially if you live in a country that actively suppresses non-standard views (as we’ve seen in Iran, China, and Turkey). So how can you make sure no one’s watching what you’re doing online?

One of the simplest ways to go about concealing your actions on the web is to use a virtual private network, or VPN. When you’re engaging in unsecured browsing, your computer reaches out, through your ISP, across the Internet, to another site. Once you’ve made this connection, you can view that site. However, if anyone is looking closely, they can see that connection. A VPN inserts an intermediary server between you and the site you’re connecting to—if someone is looking now, all they’ll see is a connection from the VPN server to the site on the other end. Your connection to the VPN server is encrypted, concealing your identity.

There are quite a few VPNs that are free, which is great if you don’t use them all the time—many people only use them to access region-blocked video when they want to watch Netflix from another country, for example. If you’re interested in getting a higher bandwidth limit, more speed, and no ads, you should look into paying for a VPN—we have a list of the best VPN services that you can check out. In most cases, it’s as simple as downloading a browser extension or an app, running a five-minute setup, and you’ll be on your way.

If a VPN is thought of as “one hop,” using the Tor network can be thought of as “three hops.” Instead of setting up a single server between you and your destination, using the Tor system bounces your connection through three separate servers before making the connection to the site you want to go to. The increased complexity of the connection makes it extremely difficult for anyone to monitor browsing traffic (though it’s been rumored that the NSA is making some progress in compromising the system).

To use Tor, you just need to download the Tor browser bundle and install it (we have a full guide to Tor available that goes through the process in detail)—then, whenever you use the Tor browser, you’ll be routed through the Tor network. In addition to browsing with significantly increased security, you’ll also have access to .onion sites, websites that can only be visited through the Tor network.

If you want to make sure that your browsing is maximally secure, and that it’s next to impossible to trace, you can route your connection through a VPN and the Tor network. This makes for four servers between you and your destination. No one’s going to go through enough trouble to track you through that mess unless you’re at the top of an intelligence agency’s list.

Another way that your browsing can be tracked is through files that are placed on your computer: cookies. These files can come from a number of sources, but one of the nefarious ways that you can receive trackers is through ads (which, as we have been finding out recently, can deposit a lot of bad stuff on your computer). So how can you prevent these from sending data to snoopers? Ad blocking.

It’s a controversial practice, because ads keep much of the Internet free (see “Are Ad Blocking Browser Extensions Killing The Internet?” and “AdBlock, NoScript, and Ghostery – The Trifecta of Evil“). However, blocking ads will prevent those ads from placing files on your computer. This means no cookies, no tracking information, and no malware. The prevalence of ad-embedded malware is on the rise, and blocking ads is currently the best way of keeping your computer safe; running an effective antivirus program like Avast is also a good idea (though that might expose you to other forms of tracking, as well).

If you’re not willing to go through the effort (and potentially slow your connection down a bit) to run VPNs or the Tor network on a regular basis, the best thing to do is to download and install a number of browser extensions. HTTPS Everywhere and Disconnect Search are two of the best, and they’re available for both Firefox and Chrome.

Fortify Your Email Security

While browsing creates a digital footprint of your life, email has the potential to carry your most personal secrets, important business communications, and other kinds of sensitive information. While you might not send that sort of thing via email very often, it’s likely that you do discuss your opinions, beliefs, and plans, all of which could potentially be of interest to the government. What can you do to keep your private messages private?

First of all, it’s important to know that securing just one side of an email conversation won’t do you much good. If you send an encrypted message to a friend, and your friend stores it in an unencrypted format on a public server, it’s going to be pretty easy for someone to nab that message. Email is an inherently insecure medium, which means you probably shouldn’t be using it for extremely private things at all. But there are a few things you can do to step up your security.

One of the most well-known and commonly used methods of encrypting email is called Pretty Good Privacy (PGP). The specific mechanics are quite complicated, but you can get the details in this guide to using PGP. In a nutshell, the message is encrypted on your computer, signed with a digital key, and sent to your recipient. That person then uses their own personal key (which is kept secret) to decrypt the message. Theoretically, PGP is nearly uncrackable.

PGP is a very popular option, but setting it up takes some minimal time and effort. If you’d skip the setup, you can use secure services like Hushmail, Vaultlet, and Enigmail, all of which were discussed in this article on secure email providers. These offer a number of different protections that help you rest easy that your mail won’t be easily intercepted and viewed by prying eyes.

Encrypting your mail will go a long way towards keeping the government from reading your messages, but they’re not the only ones who are interested in it. For example, Gmail monitors the contents of your messages for specific triggers that indicate that you might be engaging in specific illegal activities. Earlier this year, the system alerted the authorities to a man who was trading child pornography. In addition to this sort of monitoring, they also scan the contents of your personal messages to better target ads.

Because of the insecurity of email and the fact that your email provider could be scanning your messages, your best bet is to not send anything via email that you’d like to keep private.

Encrypt Your Chats and IMs

We’ve started using instant messages for a lot of things, from quick personal chats to in-depth professional discussions. If you use Google’s chat app, you probably have thousands of IMs saved, and it’s quite likely that if you were to look through them, you’d find a huge variety of things that you don’t want other people to have access to. So what can you do to make sure no one’s snooping on your IMs?

One of the most widely used encryption protocols for instant messaging is called Off-the-Record messaging, or OTR. It uses an interesting style of cryptography called deniable authentication, which means that after the conversation, both participants can deny the existence of the conversation. Using OTR is quite simple: if two people have chat clients that can use the protocol, all they have to do is turn it on. A number of OTR-capable clients are now available, including Adium and Pidgin, which provide OTR encryption for Google Talk, Facebook chat, AIM, Yahoo! Messenger, and a number of other protocols.

In addition to this widely used protocol, there are a number of other less well-known solutions. A great example of this is Cryptocat, a web app that allows you to create an encrypted chat on the fly and invite others to join it by sending a link. After an hour of inactivity, your chats are wiped. It’s one of the easiest ways to encrypt a chat, you don’t need to download anything, and the browser extension lets you fire it up with a click.

SafeChat is another alternative that’s used for encrypting Facebook chats—so if you use Facebook primarily or exclusively for your IMing needs, it’s a good way to go. It’s available not only as a free Chrome and Firefox extension, but also as an iOS app, so you can continue your secure chatting on the go. ChatSecure is another app that allows you to securely use Facebook Chat and Google Talk from your phone.

Remember that with all of these encryption options, like secure email, both parties need to be using encrypted clients, or else anyone who wants to see what’s in your chat can just pull the information from your interlocutor’s computer.

Protect Your Messages

Chat, IM, and messaging are all becoming more similar, but there are still times when you want to use an app that’s a bit more like a traditional text messaging app than an instant messenger. Many of the apps that people use on a regular basis from their phones fall into this category, so it’s worth look at on its own. Because almost everyone uses them, they’re of high value to prying eyes—we saw a great example of this in South Korea last year.
There have also been a number of concerns over the privacy of specific messaging clients, such as when Facebook acquired WhatsApp. Although Facebook still hasn’t done much with the messaging app, it’s common knowledge that they collect a huge amount of data on users of their social network (including data on your offline purchases), and there’s been discussion of collecting some of that data through the contents of Facebook chat messages. Obviously, the acquisition of WhatsApp was cause for concern.
Since then, however, WhatsApp has stepped up its game in relation to security and privacy. In a recent Android update, it turned on end-to-end encryption for messages, meaning that not even the servers at WhatsApp contain unencrypted messages. This is a huge victory for privacy advocates. While this encryption hasn’t been enabled for all platforms yet, it’s likely to come in the near future.





Although WhatsApp remains at the top of messaging app popularity list, there are a lot of other great options. Telegram is quickly becoming more popular, and beat WhatsApp to the punch on many features, like end-to-end encryption, self-destructing messages, and a web client. Telegram’s cloud-based messaging lets you see your messages from your phone, tablet, computer, and any other computer via a browser. The encryption protocol was developed specifically for the app to be highly secure and very fast. And it beats WhatsApp’s great $1-per-year pricing by being free.
We’ve profiled a number of other secure messaging apps in the past, including Silent Text, Threema, Wickr, and Confide. If you can convince everyone that you regularly message to download one of these apps, you’ll have no cause to worry about the security of your messaging. Obviously it’s best if everyone’s using the same app, but the low cost of these options means it’s easy to message one group of friends with one app and another group with another.

Secure Your Mobile Device

While some of the apps and strategies listed above can be used on your mobile phone, there are a few issues that are unique to phones, such as the collection of metadata. If you’ve been paying attention to the latest news on the NSA’s data collection practices, you’ll have heard of metadata—but you might not know what it is. Put succinctly, metadata is information about your information.

Metadata includes things like the phone numbers you’ve called, when you called them, how long you were on the phone, which cell towers you used during the call, and the location of the recipient of the call. Taken together, these things can actually reveal a lot about your conversation and your relationship with the person you’re talking to. Of course, with a court order, government agencies can also easily get a wiretap on your phone, but that’s much less likely to happen.

The difficulty in protecting your metadata is that it’s comprised of information stored by your phone company, and that information can be requested or subpoenaed. Companies aren’t exactly resistant in handing it over.

Unfortunately, the things you can do to protect your metadata are limited. Mobile hardware and software focused on privacy, like the BlackPhone and Silent Circle, helps a lot. They encrypt metadata and make it much more difficult for anyone to obtain it. You can also use a burner phone, if you’d rather not have the NSA collecting data on your phone calls, though this approach does come with some inconvenient drawbacks.

One of the interesting points that a few people have brought up recently is the fact that by offering end-to-end encryption in WhatsApp, Facebook is essentially throwing away a huge amount of potentially valuable data. No one believes that they would offer this feature just for users’ privacy after paying $19 billion for the app, so that value has to be made up somewhere—and most people are pointing to metadata. It’s really valuable.

Beyond the methods above, the best way to keep your metadata out of the hands of the NSA is political: join campaigns to reform metadata-collection laws, hold companies accountable for the data that they hand over to the government, and make sure your voice is heard.

Although it’s tough to prevent the collection of your metadata, there are a number of things you can do to keep the content of your communications private. Using the apps detailed above for messaging is a great place to start (especially if you, like many people, do a lot more messaging than calling). And Guy’s article on three ways to make your smartphone more secure details Kryptos and Silent Phone, two VoIP apps that encrypt your calls, making them very resistant to any sort of data collection.

Messaging and calling isn’t all that you use your phone for, however—a lot of people also do a great deal of mobile browsing, and just like on your computer, this information can potentially be tracked. To protect your browsing data, there are a number of mobile VPN services that you can set up to use just like the ones discussed above for your computer. We’ve written about HotSpot Shield and VPN Express for iOS, as well as a number of Android VPN apps, that will keep your mobile browsing data safe.

Many VPN services now offer both desktop and mobile protection, and you can get both by signing up for an account—if you’re concerned about your privacy and you don’t wanted limited bandwidth, spending $10 or $15 each month on a premium VPN might be well worth the cost.

Unfortunately, it’s difficult or impossible to prevent your service provider (or Google, or Apple) from tracking your location using the GPS receiver—if you really want to keep anyone from knowing where you are by tracking your phone, your best bet is to turn your phone off and take the battery out, or use the BlackPhone.

And don’t forget to opt out of ad tracking, too. It’s different on each phone, so check out this article on the basics of smartphone privacy.

Keeping Your Social Life Private

Using secure browsing and messaging techniques will keep most of your social networking data from falling into the hands of the government (unless, of course, a social network gives in and hands your data over to the NSA, which is certainly possible). However, social networks—especially Facebook—are doing a lot of surveillance on their own. While they may not be collecting data to see if you’re a potential threat to national security, they can make a lot of money with it. (You can make money selling your own data, too, but that counteracts quite a bit of the advice in this guide.)
The amount of data collected by Facebook is staggering—they collect so much that they can create “shadow profiles” of people who don’t even have Facebook accounts just by collating information from other users’ contacts. Other sites that are linked to Facebook send your information back to their servers (though you can use tools like Facebook Disconnect to prevent that). And let’s not forget about the fact that other companies can gather mass amounts of public Facebook data, too.





While you might feel like your privacy is being violated—even to the degree where it might be illegal in some cases—there’s not much you can do about it. The terms of service of major online services, from Facebook and Twitter to Google and Dropbox, almost always require that you give up at least a good portion of your rights to privacy to use the service. Even your Facebook chats could be scanned.
Even more unnervingly, Facebook can figure out when its ads have influenced your offline purchase decisions. There are very few places where you’re not being surveilled by the social giant. Remember that Facebook isn’t the only culprit here—it’s just the biggest one. Twitter tracks the apps you have on your phone, and we recently published an article on ten social networks that are pretty bad when it comes to privacy.
If you’ve signed up for a social network, they’re almost certainly collecting some data about you. App.net is a social network that isn’t funded by ads, so you can probably feel safe that your data, even though some if it’s being collected (as can be seen in their privacy policy), won’t be sold to advertisers.





However, you can take steps to limit the amount of data that’s being collected. One of our Facebook Weekly Tips from 2013 dealt specifically with limiting the amount of tracking Facebook can do. You can also opt out of sharing data with Facebook through the Digital Advertising Alliance (though the efficacy of that is debated). It’s a good idea to take these steps, as a lot of social networks, as well as other online companies, may be able to bypass your browser’s security settings.
Unfortunately, the best way to avoid being surveilled by social networks is to not use them . . . and limit the amount of contact that you have with people who do.

Take Privacy Into Your Own Hands

As you can see, avoiding Internet surveillance isn’t easy. In fact, completely avoiding it is nearly impossible. And taking all of the steps above will cost you quite a bit of time, effort, and money. But is it worth it? That all depends on how you feel about your privacy.
We know that “nothing to hide, nothing to fear” just isn’t a viable argument when it comes to online privacy. We are being pervasively watched by governments, companies, and service providers around the clock, while we’re on our computers, phones, and tablets. We’re even being watched by social networks when we’re away from our computers—and often when we don’t even have accounts.





As I mentioned earlier, all of this, for the most part, doesn’t really affect our daily lives (other than creating an information filter bubble). But if history has shown us anything, it’s that the status quo can be changed at any time, often when we least expect it. And beyond practical safety concerns, what about our right to privacy? Don’t we have a right to have a private life that’s truly private? That can’t be seen by people who are suspicious of our actions or those who are using us to make copious amounts of money?
It’s time to take your online privacy into your own hands. Use the strategies outlined above and share them with others—the more we fight back against pervasive Internet surveillance, the more likely we are to retain our privacy and online freedom.
What steps do you take to ensure that you’re not being surveilled online? Do you feel like your privacy is being violated by companies and governments? Or do you feel that it’s not worth the effort? Share your thoughts below.

Source: http://www.makeuseof.com/tag/avoiding-internet-surveillance-complete-guide/

LG G3 Review - 2 Reviews

Published on Jun 23, 2014

The LG G3, the best Android smartphone? We'll have the LG G3 vs HTC One (M8), Samsung Galaxy S5, OPPO Find 7, and OnePlus One soon! The LG G3 packs a 5.5-inch 2K display, a Quad-Core SnapDragon 801 chip, 3GB of RAM, and a 13MP Camera with OIS (optical image stabilization). All of that packed in a redesigned body that features an almost no bezel build and new plastics design to look and feel like metal without all of the weight and bulk.

Join us as we take our closer look at LG's flagship for 2014 in our review of the LG G3.

Samsung Galaxy S5 vs LG G3: Clash of the Flagships

LG G3 Review from Android Authority

Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6 : Phablets Compared

 Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6, we have 3 phone or so called phablets from Samsung going head to head. The Samsung Galaxy Note III is going to be released on September 4, and the other two devices in the coming months. These Note series went on to the high sales with its huge screen and S-Pen technology, the Galaxy S series on the other hand became a huge success with all the processing power, medium to high screen size and lots of features. We call the Note series as Phablets, but that might change with the arrival of Galaxy S5 and Galaxy S6 as the screen sizes for them will be same or higher than that of the Note series.

Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6

The Samsung Galaxy Note III is the update to the current generation Note II which is still going high in terms of sale figures. For most of the part, it just has a bigger screen, but there is more to it than what meets the eye. The Note series comes with a higher clocked processor, and S-Pen support. With S-Pen support, Samsung brings more features into a Note than any of the Galaxy S line up. ToDo list, notes, calendar and even sketching are some of it. Be it in a lecture or meeting, if you have Note as your companion, you can do more, from taking notes to even presenting your views. The Galaxy S5 on the other hand will be just an upgrade to current gen Galaxy S4, it will come with a new processor, a bigger display and better camera and Android 5.0 KeyLimePie out of the box. The Galaxy S6 will be a huge upgrade and possibly the last phone in the Galaxy S line up. It will bring to the user, a lot of features, new and improved camera, finger print technology, inbuilt wireless charging, touchless phone entry, dust and water resistance, 5G and possibly 5G LTE-A.
Lets get on with it then;

Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6

Brand Name	Samsung	Samsung	Samsung
Smartphone Name	Galaxy Note III	Galaxy S5	Galaxy S6
Connectivity	2G/3G/4G-LTE 4G LTE-A Bluetooth 4.0 Wi-Fi a/b/g/n/ac	2G/3G/4G-LTE 4G LTE-A Bluetooth 4.0 Wi-Fi a/b/g/n/ac	2G/3G/4G-LTE 4G LTE-A 5G LTE Bluetooth 5.0 Wi-Fi a/b/g/n/ac Support for Wimax
Dimensions & Weight	165.5×98.5×7.5mm 190gram	152.2×85.5×7.0mm 140gram	163.3×95.8×6.5mm 116gram
Display	5.8 inch SUPER AMOLED HD 1920×1080 468ppi Protection : Gorilla Glass 3	5.3 inch SUPER AMOLED HD 1920×1080 468ppi Protection: Gorilla Glass 4	6.0 inch SUPER AMOLED HD 3200×1800 550ppi Protection : Gorilla Glass 5 Water Resistant and Dust Resistant.
Interface	TouchWiz UI S-Pen Support	TouchWiz UI Floating Widgets	TouchWiz UI Floating Widgets and Halo Style Icons Supports all types of touch( including pencil etc…)
Multimedia	Supports All Media formats New Music Player with clean UI	Supports All Media formats Video Player UI Changes	Supports All Media formats Video Player UI Changes Avi video is now supported.
Camera	Primary : 13 Megapixel Camera Features : Dual Shot, Simultaneous HD Video and Image Recording  Video : 1080P @ 30fps Secondary : 2Megapixel, 1080P @ 30fps	Primary : 13 Megapixel(Ultrapixel) Camera Features : Dual Shot, Simultaneous HD Video and Image Recording Video : 1080P @ 30fps Secondary : 2.2Megapixel, 1080P @ 30fps	Primary : 16 Megapixel Camera, 4/3 inch, 18.5mmx13.5mm, Loseless Zooming, Optical Image Stabilization Features : Dual Shot, Simultaneous HD Video and Image Recording  Video : 4K Video Recording, 1080P @ 60fps Secondary : 4Megapixel Wide angle,1080P@60fps,OIS
Memory	Internal : 16/32/64GB, Expandable up to 64GB via micro SD card 2GB RAM	Internal : 32/64GB, Expandable up to 64GB via micro SD card 3GB RAM	Internal : 32/64GB, Expandable up to 128GB via micro SD card 4GB RAM
Features	CPU : Exynos 5420 Octa Core, Qualcomm Snapdragon 800 GPU : Mali for Exynos Variant, Adreno for Qualcomm Variant OS : Android 4.3 JellyBean Sensors : Accelerometer, Barometer, Gyro, Humidity, Gesture. Colors : Garnet Red, White Frost, Metallic Grey, Black Mist.	CPU : Exynos 5450 Octa Core, Qualcomm Snapdragon 800 GPU : Mali for Exynos Variant, Adreno for Qualcomm Variant OS : Android 5.0 KeyLimePie Sensors : Accelerometer, Barometer, Gyro, Humidity, Gesture. Colors : Volcano Black, Lava Red	CPU : Exynos Hex Core A15 Cluster, 14nm manufacturing, Qualcomm Snapdragon Hex Core GPU : Imagination Technologies for Exynos Variant, Adreno for Qualcomm Variant OS : Android 6.0 MilkShake Sensors : Accelerometer, Barometer, Gyro, Humidity, Gesture, Eye Tracking. Finger Print Scanner. Touchless Entry and Voice Control over the phone when it’s locked. Colors : Black, White.
Battery	Li-Ion 4000 mAh removable battery	Li-Ion 3500 mAh removable battery	Li-Ion 5000 mAh removable battery

From the above table, there is no clear winner in the Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6 comparison. All we can say is that the three phones or phablets will be top of the line with the highest performance and top of the line features.
For more Samsung Galaxy Note III VS Galaxy S5 VS Galaxy S6 coverage, subscribe to our feed.

Source: http://samsungsvi.com/samsung-galaxy-note-iii-vs-galaxy-s5-vs-galaxy-s6-phablets-compared/

Samsung Galaxy S5

 

Samsung Galaxy Note 3



Samsung Galaxy Alpha - Samsung Galaxy S6 vs. S5

How Edward Snowden protected information … and his life

Skillset

What's this? Practice for certification success with the Skillset library of over 100,000 practice test questions. We analyze your responses and can determine when you are ready to sit for the test.

Who is Edward Snowden?

Edward Snowden is the man who changed the history of the Internet; he revealed information on the largest and most secret surveillance program implemented by the U.S. Government.

Snowden is a 29-year-old technical assistant for the Central Intelligence Agency who has worked at the National Security Agency for the last four years. He has also worked for various defense contractors; his last job was with Booz Allen Hamilton.

Edward Snowden decided to reveal his identity, according to The Guardian, exposing his person to serious risks, the U.S. government was seriously embarrassed by the revelation of the man that confirmed that surveillance activities involved also other governments such as the British one.

Snowden’s declarations to The Guardian and the Washington Post have shocked American public opinion. The country was divided between supporters and opponents, U.S. citizens found themselves asking questions about issues of security and privacy and wondering what was the right compromise between the two requirements. The U.S. government is defending the surveillance program; it is considered by authorities a necessary activity of intelligence to prevent other terrorist plots and Obama’s administration confirmed that the debated data collection has already prevented terrorist acts.

During an interview with The Guardian, Snowden revealed that he is concerned about being persecuted by the U.S. government, and his concerns are legitimate, considering other cases like Bradley Edward Manning, the U.S. Army soldier who was arrested in May 2010 in Iraq on suspicion of having passed classified material to the website WikiLeaks. Edward Snowden fears that the government will persecute him for disclosing top secret documentation on an extensive surveillance program known as PRISM.

Snowden escaped from the U.S. by going to Hong Kong. He went to the Chinese territory because he believes it is independent and has “a strong tradition of free speech.”

“I’ve left the room maybe a total of three times during my entire stay,” he said.

The disclosure started with the publication of the secret court order to Verizon Communications, but that was just the tip of the iceberg; all the principal U.S. IT companies are supporting the surveillance program PRISM. The surveillance architecture monitors every activity on the Internet and accesses data from companies such as Microsoft, Google, Facebook, and Apple.

Today, Snowden is blocked in the transit area of Moscow’s Sheremetyevo International Airport, although journalists have been unable to spot him.

Figure 1 – Moscow’s Sheremetyevo International Airport

In the area are located three terminals and it includes both the V-Express Capsule Hotel and one wing of the Novotel, as well as the detention rooms reserved for refugees and others with uncertain immigration status who wait to be admitted to the country or shipped back to their place of departure.

Figure 2 – Edward Snowden Interview

The awareness of being a moving target

Snowden knows very well the world of intelligence and the way the secret services of his country operate; that’s why he decided to go to the daylight and to attract all this hype around him, it is necessary for his survival. Snowden considered the decision to make public news on the PRISM surveillance program for a long time and he has certainly adopted all necessary countermeasures to hide his network of contacts, disseminating false information on his intentions and storing in a secure place the information gathered that represents his life insurance.

The belief that Snowden decided to reveal details of his past activities in the intelligence sector led the security community to commit some serious errors. He probably received great support from hacktivist movements that sustained him in difficult moments. Don’t forget that the young technician was aware of the consequences of his decision.

Why has nobody spoken before now of possible accomplices outside of U.S. intelligence? And what if his accomplices are personnel of U.S. intelligence? It’s my opinion that Snowden has received support to organize the disclosure of the information and its storage in a secure place.

During the interview with The Guardian, Snowden admitted that he has a clear idea of his future and the way his life was changing.

“I could be rendered by the CIA, I could have people come after me.” “We’ve got a CIA station just up the road in the consulate here in Hong Kong, and I’m sure,” “that they’re going to be very busy for the next week, and that’s a fear I’ll live under for the rest of my life.”

But Snowden is considered a mine of information, especially for foreign intelligence. He knows the secret systems and the name of actors involved in surveillance program; the access to this information represents a serious menace to homeland security. The man had access to an impressive amount of secret data and confidential documents and nobody has a real idea of which information he kept for himself.

For information about how to secure your data, check out our CCNA training, Ethical Hacking training and CISSP training courses.
The access to the same information from a foreign government could have serious repercussions. That’s why it is certain that Snowden has adopted the necessary measures to prevent uncontrolled data disclosure.

Snowden still remains at a Moscow airport, thanks temporary asylum from the Russian government that later invited him to leave the country, denying political asylum to avoid interference with the relationship with the U.S. government. Snowden’s Russian lawyer, Anatoly Kucherena, confirmed the intention of the man to leave the Russia, but the news is not reassuring for U.S. authorities, who fear the possibility that he could exchange information to receive help in avoiding arrest and capture.

The Guardian published a collection of emails between former New Hampshire Sen. Gordon Humphrey and Snowden, in which the technician remarked that that it’s impossible for information in his possession to be obtained by hostile governments.

Former two-term GOP Senator Gordon Humphrey of New Hampshire emailed Edward Snowden
yesterday [emphasis added]:

Mr. Snowden,

Provided you have not leaked information that would put in harm’s way any intelligence agent, I believe you have done the right thing in exposing what I regard as massive violation of the United States Constitution.

Having served in the United States Senate for twelve years as a member of the Foreign Relations Committee, the Armed Services Committee and the Judiciary Committee, I think I have a good grounding to reach my conclusion.

I wish you well in your efforts to secure asylum and encourage you to persevere.

Kindly acknowledge this message, so that I will know it reached you.

Regards,
Gordon J. Humphrey

Accordingly, Mr. Greenwald sent this to the whistleblower, thanking him for exposing the astonishing surveillance program and at the same time preserving the information that would disclose the details of the PRISM program. Following is Snowden’s reply:

Mr. Humphrey,

Thank you for your words of support. I only wish more of our lawmakers shared your principles – the actions I’ve taken would not have been necessary.

The media has distorted my actions and intentions to distract from the substance of Constitutional violations and instead focus on personalities. It seems they believe every modern narrative requires a bad guy. Perhaps it does. Perhaps, in such times, loving one’s country means being hated by its government.

If history proves that be so, I will not shy from that hatred. I will not hesitate to wear those charges of villainy for the rest of my life as a civic duty, allowing those governing few who dared not do so themselves to use me as an excuse to right these wrongs.

My intention, which I outlined when this began, is to inform the public as to that which is done in their name and that which is done against them. I remain committed to that. Though reporters and officials may never believe it, I have not provided any information that would harm our people – agent or not – and I have no intention to do so.

Further, no intelligence service – not even our own – has the capacity to compromise the secrets I continue to protect. While it has not been reported in the media, one of my specializations was to teach our people at DIA how to keep such information from being compromised even in the highest threat counter-intelligence environments (i.e. China).

You may rest easy knowing I cannot be coerced into revealing that information, even under torture.

With my thanks for your service to the nation we both love,

Edward Snowden

A passage in the above email highlights the impossibility of accessing Snowden’s information without his consent; presumably he has encrypted it, limiting access only to a restricted number of individuals in possession of the encryption keys. This is a possibility, and I have explicitly used the plural because I am convinced that the keys have been shared in very difficult times by Snowden with someone who is assigned the task of disseminating information in case of accidents and adverse events that could affect the young technician.

In a single-step encryption the key used to encrypt document represents the “single point of failure” of the system; obtaining it, the entire information could be revealed, so the principal problem for Snowden was to distribute the responsibility of data maintenance among many individuals.

It is likely Snowden, or anyone who has helped him, has thought of an onion encryption scheme. In every layer could be stored encrypted information and a reference to the owner of the encryption key for those levels.

To avoid that, the encryption chain could be blocked by the absence of one of participants; the information could be encrypted separately by two individuals, in this way in the same level there will be always two copies of the same data enciphered with public keys of two individuals. Both individuals could decrypt the documents with their private keys. The encrypted data in reality are also another couple of enciphered containers.

This is just an idea and possible variants are theoretically infinite.

Figure 3 – Onion Encryption scheme

A similar schema could be efficient only if many accomplices are involved in the conservation and eventual disclosure of data, but it could be too complex to realize for obvious reasons.

Another element to consider is how the files could be spread in the event that Snowden is killed. A totally automated process for the disclosure of information is a possibility, but it is more likely that other people are involved to start the process.

“If something does happen to [Snowden] all the information will be revealed and it could be [the U.S. government’s] worst nightmare.”

According some intelligence experts, the U.S. technician hid the classified documents before fleeing Hong Kong for safety reasons; the news was also reported by the Sunday Times, which cited an informed source.

According to the popular paper, Snowden left behind at least four laptops containing secret intelligence reports when he set off for the Hong Kong airport. It also remarked that copies of encrypted files could be stored in his safety deposit box.

Glenn Greenwald, The Guardian journalist Snowden first contacted in February, revealed that Edward Snowden “has taken all necessary precautions to distribute the precious documents to individuals all around the world, with the purpose that the archives will inevitably be published in case of incidents.”

According to Greenwald, people in possession of these files “cannot access them yet because they are highly encrypted and they do not have the passwords.” This confirms the use of an encryption system. Greenwald also added, “If anything happens at all to Edward Snowden, he told me he has arranged for them to get access to the full archives.” Greenwald confirmed that Snowden has no intention to reveal technical information, specifications or blueprints to other states.

Assuming that Snowden has used a single password to encrypt the secret documents the question is: “How would he arrange to send it to unlock encrypted files if he is operating alone?”

In this case there is a concrete suspicion that that man received the support of at least another individual. Another possibility is the deployment of an automated process that, for example, periodically checks whether a condition is satisfied that will make it necessary to send the key to a list of people who are in possession of the archives.

Deep web or cloud computing?

Where has Snowden hidden the secret archives?

Another fascinating hypothesis is that the young whistleblower has provided to a restricted number of individuals key findings for stolen information and instructions on how to access to the overall amount of leaked data.

At this point it is crucial to understand where is possible to hide information on the Internet away from prying eyes. The Deep Web is one of most secure place where Snowden could have hidden the confidential documents. The Deep Web (or Invisible Web) is the set of information resources on the World Wide Web not reported by normal search engines.

According to several researchers, the principal search engines index only a small portion of the overall web content; the remaining part is unknown to the majority of web users, and it is exactly the obscurest part of the web that intelligence uses to hide secret information and services.

The U.S. Naval Research Laboratory promoted the Tor project. “Tor” is the acronym of “The onion router,” a system implemented to enable online anonymity. Tor client software routes Internet traffic through a worldwide volunteer network of servers hiding users’ information, eluding any monitoring.

Snowden is aware of the potential of the project and it is possible that alone, or with the help of other whistleblowers, he has created a hidden service for the provisioning of the secret information.

According to security experts, Edward Snowden used the Tor network to send information about the surveillance program PRISM to both the Washington Post and The Guardian in June 2013.

Without complicating our lives, it is possible to create a server on which files can be stored in encrypted format. The authentication could be implemented in various ways, depending on the level of security desired; for example, it is possible to allow access to the user only if he is in possession of a digital certificate on his machine. The files could all be encrypted and the certificate could be also used as a container to hold the keys to decrypt the information.

If the clear web seems to have no more secret for intelligence agencies, the Deep Web is totally different from.

The NSA is building a Utah data-mining facility to monitor overall communications traffic; according to security experts, the Utah data center’s purpose is also to penetrate and gather the data hidden in the “deep web,” normally not available for public browsing.

“… The data stored in Bluffdale will naturally go far beyond the world’s billions of public web pages. The NSA is more interested in the so-called invisible web, also known as the deep web or deepnet—data beyond the reach of the public. This includes password-protected data, U.S. and foreign government communications, and noncommercial file-sharing between trusted peers. ‘The deep web contains government reports, databases, and other sources of information of high value to DOD and the intelligence community,’ according to a 2010 Defense Science Board report. ‘Alternative tools are needed to find and index data in the deep web … Stealing the classified secrets of a potential adversary is where the [intelligence] community is most comfortable.’ With its new Utah Data Center, the NSA will at last have the technical capability to store, and rummage through, all those stolen secrets. The question, of course, is how the agency defines who is, and who is not, ‘a potential adversary.'”

The Tor network isn’t the unique opportunity for a whistleblower like Snowden; I2P could represent a valid alternative According to the official definition, “I2P is a scalable, self organizing, resilient packet switched anonymous network layer, upon which any number of different anonymity or security conscious applications can operate.”

In an I2P network the “hidden” component is represented by an application executed by the node, and of course the path followed by the information to reach the destination.

Have you ever read about eepSites?

An eepSite is a website that is hosted and anonymously accessible through a proper setting of web browser HTTP proxy to use the I2P proxy (typically it listens on localhost port 4444) for browsing the site.

Figure 4 – eepsite installation procedure

Installing an eepsite application on a server, it is possible to emulate the behavior of an ordinary web server, with the primary difference that a site on I2Ps Darknet is hidden from prying eyes because nobody has any idea of where the server runs.

The last hypothesis, in my humble opinion less likely, is that Snowden has hidden his file somewhere in the cloud. In this case, the question is: Which cloud has Snowden used?

The young technician is aware that practically every cloud service, such as Dropbox, Microsoft’s SkyDrive, or Box.net, hosted within the United States, even if it has European or non-U.S. data centers, is under complete control of his government. The unique alternative is represented by a private cloud infrastructure, but the effort and the cost to distribute and maintain these architectures can simply not be sustained by a limited number of persons. We must consider that, just after Snowden’s revelation, U.S. secret services have unleashed a veritable manhunt analyzing, as far as possible, any previous relationship and movement of the young man.

Probably the setup of these types of infrastructures would have left some traces in the network that would not escape to the U.S. intelligence.

Conclusion
This post has the unique intention to introduce a couple of the infinite possibilities that a man who has worked for the intelligence for several years has to hide secret documents. Probably he used a complex service in the hidden web or perhaps he has hidden the precious data in a sever hosted in an unknown server farm; what is important is that the man has guaranteed his survival in this way… Snowden never dies since his data remain secret, when they become public it will be too late.

Let us hope that the information does not fall into the wrong hands!

Source: http://resources.infosecinstitute.com/how-edward-snowden-protected-information-and-his-life/

References

http://securityaffairs.co/wordpress/15026/intelligence/us-top-secret-massive-surveillance-program-prism-revealed.html
http://www.guardian.co.uk/commentisfree/2013/jul/16/gordon-humphrey-email-edward-snowden
http://www.foreignpolicy.com/articles/2013/07/18/what_if_snowdens_laptops_hold_no_secrets?page=0,1
http://english.ruvr.ru/news/2013_06_30/Snowden-hid-NSA-files-in-Hong-Kong-for-safety-media-5535/
http://securityaffairs.co/wordpress/5650/cyber-crime/what-is-the-deep-web-a-first-trip-into-the-abyss.html
http://www.popsci.com/technology/article/2013-06/hey-edward-snowden-how-was-your-weekend
http://www.eepsite.com/Content/HowTo/Setup_I2P_Win.htm
http://resources.infosecinstitute.com/anonymizing-networks-tor-vs-i2p/

• 115
  inShare
• Reddit

Author

Pierluigi Paganini

Pierluigi Paganini is Chief Information Security Officer at Bit4Id, firm leader in identity management, member of the ENISA (European Union Agency for Network and Information Security)Treat Landscape Stakeholder Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at Cyber Defense magazine, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to create the blog "Security Affairs," recently named a Top National Security Resource for US. Pierluigi is a member of the The Hacker News team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News magazine and for many other security magazines. He is the author of the books The Deep Dark Web and Digital Virtual Currency and Bitcoin.

5 Apps That Really Clean Up Your Android Device

Joel Lee, January 7th, 2015

Spring is sneaking up around the corner and that can only mean one thing — spring cleaning. Android devices are sophisticated enough that regular maintenance isn’t necessary, but it’s still a good idea to clean out the system every once in a while. Don’t underestimate the impact of staying digitally organized. The trick is finding cleaner apps that actually live up to their promises. At best, a bad cleaner app clogs up disk space; at worst, it could infect you with malware and viruses. Not all cleaner apps are useless, however, so we’re going to help you find the ones worth using.

Clean Master (Free)

 

The 19 million votes giving this app a fantastic 4.5-star rating should speak enough about Clean Master. This powerhouse app is an all-in-one package that cleans out your Android device. It removes junk, it improves performance, and it keeps your data safe from harm.
Does your device overheat? Use the Device Cooler that kills apps that are using too much CPU and draining your battery. Need more storage space? The Junk File Cleaner will eradicate your cache and wipe away files that aren’t being used anymore. There’s also an App Manager that can help you detect and uninstall unnecessary bloatware.
The CPU Boost and Memory Boost features are more situational, but if they end up being useful for you, great. Lastly, Clean Master’s Antivirus scans your system on demand for malware-infected files and vulnerabilities. All in all, a must-have app for everyone. No root necessary.

CCleaner (Free)

 

Yes, it’s the same CCleaner that’s used to reclaim desktop disk space. Like Clean Master, CCleaner is a multifunctional app that does its best to analyze and clean up stray files that no longer have any business taking up your precious space. To that end, it’s pretty good.
The main function is the Cleaner feature that can wipe cache data from apps, purge empty folders, and delete browser and phone histories. The App Manager is a simple interface for picking multiple apps for uninstallation. Lastly, the System Info page monitors your phone’s resources (CPU, RAM, device details) so you can see what’s going on at a quick glance.
No root is necessary and it’s completely free. It may be a bit light on the features, thus being overshadowed by Clean Master, but it’s a good alternative if all you need is a quick way to reclaim your phone’s storage space.

Startup Manager (Free)

 

If you reboot your phone often, you may have wondered why the booting process takes so long — especially if you have one of the latest models with a lot of hardware power. Like all operating systems, Android can be configured to start certain apps during boot and loading takes time.
The problem is that many apps add themselves to the “startup list” without you even realizing it. You can speed up your phone’s boot time if you remove the unnecessary apps from that list using Startup Manager.
It’s pretty simple, too. Startup Manager detects all of the apps that run at startup, including both system apps and user-installed apps. Removing an app is a one-tap procedure. And if you’re worried about needing a rooted device, rest assured: Startup Manager works on non-rooted devices just fine.

History Eraser (Free / $1.99)

 

Are you worried about people potentially snooping through your phone and peeking at something they shouldn’t? Mobile apps tend to log a lot of details — not necessarily for malicious reasons — and it can be a pain to scour through files by hand, deleting saved histories one by one.
History Eraser automates all of that for your convenience. With a single tap, you can clear any of the following: browser history, call logs, text messages, search history, download history, app cache files, clipboard data, and more. All of this works perfectly well on non-rooted devices.
The free version of History Eraser is supported by ads, but you can remove them by upgrading to the paid version.

Duplicate Contacts & Utilities (Free / $1.99)

 

If you struggle with hundreds — even thousands — of people in your contacts list, then you should waste no time checking out Duplicate Contacts & Utilities. As the name implies, it can wipe out duplicates with a single tap, but it also comes with a handful of other useful utilities for managing your contacts.
The Exact Duplicate Removal and Merge Duplicate Contacts features are only available in the paid version. The rest of the features are completely free: Duplicate Number Removal, Duplicate Name Removal, Duplicate Email Removal, Wipe Empty Contacts, Import/Export Contacts as PDF or XLS, among a handful of others.
It’s easy, fast, convenient, and does not require your device to be rooted. Supplement with one of these Android contacts & dialer apps that make it easy to organize and manage your contacts list.

What About Task Killers?

You may have noticed that none of these apps fall under the category of RAM Boosters and Task Killers. That was a deliberate decision. As it turns out, those kinds of apps are counterproductive and can actually harm your device performance.
On Android, full RAM usage is not a bad thing. In fact, Android purposely keeps its RAM as full as possible. As RAM fills up, Android is smart enough to know how to juggle its open apps for optimal performance. Interfering with that process can cause Android to work harder than it needs to, which ultimately slows down your device.
Long story short: don’t use RAM boosters or automatic task killers. For a deeper explanation, check out our exploration of why task killers are bad.

Final Thoughts

Again, none of this is strictly necessary. Your device will keep running even if you don’t spend some time clearing out the junk. And if you upgrade your phone frequently — say, once or twice a year — then you probably don’t need to worry about it at all.
But for the rest of us, this kind of cleaning can reclaim a lot of space and help boost performance, especially on older devices. What are your favorite cleaner apps for Android? Share them with us in the comments below!Source: http://www.makeuseof.com/tag/5-apps-really-clean-android-device-arent-placebos/