Surveillance
Self-Defense

Human rights defender?

  • Human rights defender?

    Recipes for organizations who need to keep safe from government eavesdroppers.

    If you run an organization whose work might be monitored by governments—either locally, or when you travel—you need to think about locking down your communications. Here's a basic guide for what to think about when planning your institutional surveillance self-defense.

  • ستاسو د امنیت پلان

    هر وخت له هرچا څخه ستاسو د ټولو معلوماتو خوندي کولو هڅه کول غیر عملي او یو ستړۍ کار دی. اما، ویره مه لرئ! امنیت یوه پروسه ده، او د یوه ښه فکري پلان له لارې، تاسو کولی شئ داسي یو پلان جوړ کړئ چې ستاسو لپاره سم دی. امنیت یوازې د هغه وسیلو په اړه ندي چې تاسو یې کاروئ یا هغه سافټویر چې تاسو یي ډاونلوډ کوئ. دا د هغه ځانګړي ګواښونو درک کولو سره پیل کیږي چې تاسو ورسره مخ یاست او داچي تاسو څنګه کولی شئ د دې ګواښونو سره مقابله وکړئ.

    د کمپیوټر امنیت په برخه کې، یو ګواښ یو احتمالي پیښه ده چې کولی شي ستاسو د معلوماتو دفاع لپاره ستاسو هڅې زیانمنې کړي. تاسو کولی شئ د هغه ګواښونو سره مقابله وکړئ چې تاسو ورسره مخ یاست د دې په ټاکلو سره چې تاسو باید د کوم یو ساتنه وکړئ او دا چي له چا څخه یي باید ساتنه وکړئ. دا د امنیت د پلان کولو پروسه ده، چې ډیری وختونه ورته "د ګواښ ماډلینګ" ویل کیږي.

    دا لارښود به تاسو ته ښوونه وکړي چې څنګه ستاسو ډیجیټلي معلوماتو لپاره امنیتي پلان جوړ کړئ او څنګه مشخص کړئ چې کوم د حل لارې ستاسو لپاره غوره دي.

    امنیتي پلان څه ډول وي؟ راځئ دا ووایو چې تاسو غواړئ خپل کور او شتمنۍ خوندي وساتئ. دلته یو څو پوښتنې دي چې تاسو یې شاید وپوښتئ:

    *زه په خپل کور کې داسي څه لرم چې د ساتنې وړ دی؟*

    •             په شتمنیو کې شامل کیدی شي: زیورات، برقي توکي، مالي اسناد، پاسپورټونه، یا انځورونه

    *زه له چا څخه ددغو شیانو ساتنه غواړم؟*

    •             په مخالفینو کې شامل کیدی شي: غله، د خونې ملګري، یا میلمانه

    *دا څومره احتمال لري چې زه به یې ساتنې ته اړتیا ولرم؟*

    •             ایا زما ګاونډی د غلا تاریخچه لري؟ زما د خوني ملګري/میلمانه څومره د باور وړ دي؟ زما د مخالفینو وړتیاوي څنګه دي؟ زه باید کوم خطرونه په نظر کي ولرم؟

    که چیري پدي کار کي ناکامه شم نو پایلي یي څومره خطرناکه دي؟

    •             ایا زه زما په کور کې داسي کوم شی لرم چې زه یې نشم بدلولی؟ ایا زه د دې شیانو د بدلولو لپاره وخت یا پیسې لرم؟ ایا زه بیمه لرم چې زما له کور څخه غلا شوي توکي وپوښي؟

    *زه د دې پایلو مخنیوي لپاره څومره ستونزو سره باید مخ شم؟*

    •             ایا زه چمتو یم چې د حساس اسنادو لپاره یو سیف واخلم؟ ایا زه کولی شم د لوړ کیفیت قلف واخلم؟ ایا زه وخت لرم چې په خپل محلي بانک کې امنیتي بکس خلاص کړم او خپل قیمتي توکي هلته وساتم؟

    یوځل چې تاسو له ځانه دا پوښتنې وپوښتئ، نو تاسو په داسې موقعیت کې یاست ترڅو ارزونه وکړئ کوم تدابیر باید ونیول شي. که ستاسو شتمني ارزښتناکه وي، مګر د غلا کیدو احتمال یې ټیټ وي، نو شاید ضرور نه وي چي پر قلف دومره پیسي مصرف کړئ. مګر، که د غلا کیدو احتمال ډیر وي، تاسو باید په بازار کې غوره قلف ترلاسه کړئ، او د امنیت سیسټم ټینګولو باندې غور وکړئ.

    د امنیتي پلان جوړول به تاسو سره مرسته وکړي هغه ګواښونه چې تاسو ته ځانګړي دي او ستاسو د شتمنیو، ستاسو مخالفینو، او ستاسو د مخالفینو وړتیاو ارزونه، د خطرونو احتمال چې تاسو ورسره مخ یاست ښه درک کړئ.

    زه څنګه خپل امنیتی پلان جوړ کړم؟ د کوم ځاۍ څخه پیل وکړم؟

    د امنیت پلان جوړول تاسو سره مرسته کوي ترڅو هغه شیان چې ستاسو لپاره ارزښت لري او دا چي پریکړه وکړئ له چا څخه یې ساتلو ته اړتیا لرئ وپیژنئ. کله چې د امنیتي پلان جوړوئ دا پنځه پوښتنو ته ځواب ووایاست:

    1.          د کوم شي ساتنه باید وکړم؟

    2.          د چا څخه یي ساتنه وکړم؟

    3.          که چیري پدي کار کي ناکامه شم نو پایلي یي څومره خطرناکه دي؟

    4.          دا څومره امکان لري چې زه به یې ساتنې ته اړتیا ولرم؟

    5.          زه د احتمالي پایلو مخنیوي لپاره څومره ستونزو سره باید مخ شم؟

    راځئ چې دې هرې پوښتنې ته نږدې کتنه وکړو.

    باید د کومو شیانو ساتنه وکړم؟

    "شتمنۍ" هغه څه دي چې ستاسو لپاره ارزښت لري او ساتنه یې غواړئ. د ډیجیټلي امنیت په برخه کې، شتمني معمولا یو ډول معلومات وي. د مثال په توګه، ستاسو بریښنالیکونه، د اړیکو لیستونه، فوري پیغامونه، موقعیت او فایلونه ټولې احتمالي شتمنۍ دي. ستاسو آلي یا دستګاوي هم شتمنۍ دي.

    د خپلو شتمنیو لیست جوړ کړئ: هغه ډاټا چې تاسو یې ساتئ، چیرته ساتل کیږي، څوک دې ته لاسرسی لري، کوم شیان دې ته د لاسرسي مخه نیسي.

    زه غواړم د چا څخه یي ساتنه وکړم؟

    دې پوښتنې ته د ځواب ویلو لپاره، دا مهم دي ترڅو وپیژنئ هغه به ممکن څوک وي چي غواړي تاسو یا ستاسو معلومات په نښه کړي. یو شخص یا اداره چې ستاسو شتمنیو ته ګواښ پیښوي یو "دښمن یا مخالف" بلل کیږي. د احتمالي دښمنانو مثالونه ستاسو رییس، ستاسو پخوانی ملګری، ستاسو د سوداګرۍ سیال، ستاسو دولت یا په عامه شبکه کې هیکر دی.

    د خپلو مخالفینو، یا هغه څوک چې ممکن وغواړي ستاسو شتمنۍ ترلاسه کړي لیست یي جوړ کړئ. ستاسو په لیست کې ممکن افراد، یوه دولتي اداره، یا شرکتونه شامل وي.

    نظر ودي ته چې ستاسو مخالفین څوک دي، په ځینې شرایطو کې دا لیست ممکن هغه څه وي چې تاسو یې غواړئ د امنیتي پلان جوړولو وروسته له مینځه یوسي.

    پایلي یي څومره خطرناکه دي؟

    ډیری لارې شتون لري چې یو دښمن کولی شي ستاسو معلوماتو ته لاسرسی ومومي. د مثال په توګه، یو دښمن کولی شي کله چې دوی له شبکې څخه تیریږي ستاسو شخصي اړیکې ولولي، یا دوی کولی شي ستاسو ډاټا له منځه یوسي یا فاسد کړي.

    د مخالفینو انګیزي لکه د دوی تاکتیکونه په پراخه کچه توپیر لري. یو حکومت چې هڅه کوي د داسي یوې ویډیو د خپریدو مخه ونیسي چې د پولیسو تاوتریخوالی ښیې ممکن د دې ویډیو حذف کول یا هغه ته لاسرسۍ کمول یوه منځپانګه وي. برعکس، یو سیاسي مخالف ممکن وغواړي چې پټ مینځپانګې ته لاسرسی ومومي او پرته له دې چې تاسو خبر کړي دا مینځپانګه نشر کړي.

    د امنیت پلان کولو کي پدي پوهیدل دي چې پایلې به څومره خرابې وي که چیرې یو دښمن په بریالیتوب سره ستاسو یوې شتمنۍ ته لاسرسی ومومي. د دې مشخص کولو لپاره، تاسو باید د خپل دښمن وړتیا په پام کې ونیسئ. د مثال په توګه، ستاسو د ګرځنده تلیفون چمتو کونکی ستاسو د تلیفون ټولو ریکارډونو ته لاسرسی لري. د وائی فای په یو پرانیستي شبکه کې هیکر کولی شي ستاسو غیر کوډ کښل شوي اړیکو ته لاسرسی ومومي. ستاسو دولت ممکن قوي وړتیاوې ولري.

    هغه څه ولیکئ چې ستاسو دښمن ممکن ستاسو د شخصي معلوماتو سره څه کول غواړي.

    دا څومره امکان لري چې زه به یې ساتنې ته اړتیا ولرم؟

    خطر د دې احتمال دی چې د یوې ځانګړې شتمنۍ پروړاندې یو ځانګړی ګواښ په عملي توګه واقع شي. دغه شی د وړتیا سره نښتي وي. پداسې حال کې چې ستاسو د ګرځنده تلیفون چمتو کونکي وړتیا لري چې ستاسو ټولو ډاټا ته لاسرسی ومومي، ددي خطر چي په آنلاین توګه ستاسو شخصي ډاټا خپاره کړي ترڅو ستاسو شهرت ته زیان ورسوي ټیټ دی.

    دا مهم دي ترڅو ددي ترمینځ توپیر وکړئ چي څه شی ممکن پیښ شي او څومره احتمال لري چي دا به پیښ شي. د مثال په توګه، یو ګواښ شتون لري چې ستاسو ودانۍ به چپه شي، مګر د دې پیښې خطر په سان فرانسسکو کې (چیرې چې زلزلې عام دي) د سټاکهولم په پرتله (چیرې چې دوی نه وي) خورا ډیر دی.

    د خطرونو ارزونه دواړه شخصي او فکري (د خلکو فکر پر بنسټ) پروسه ده. ډیری خلک ځینې ګواښونه د نه منلو وړ ګڼي پرته لدې چې احتمال یې په نظر کي ونیسي ځکه چې په هر احتمال کې یوازې د ګواښ شتون په لګښت نه ارزي. په نورو قضیو کې، خلک لوړ خطرونه له پامه غورځوي ځکه چې دوی ګواښ ته د یوي ستونزې په توګه نه ګوري.

    هغه ګواښونه چې تاسو یې په جدي توګه ګڼئ، او کوم چې د اندیښنې لپاره خورا نادر وي یا خورا زیان رسونکي نه وي (یا د مبارزې لپاره خورا ستونزمن وي) ولیکئ.

    زه د دې پایلو مخنیوي کوښښ لپاره څومره ستونزو سره باید مخ شم؟

    د امنیت لپاره هیڅ بشپړ انتخاب شتون نلري. هرڅوک ورته لومړیتوبونه، اندیښنې یا سرچینو ته لاسرسی نلري. ستاسو د خطر ارزونه به تاسو ته اجازه درکړي د ځان لپاره  د اسانتیا، لګښت او محرمیت توازن په پام کي نیولو سره سم یوه سمه ستراتیژي پلان کړئ.

    د مثال په توګه، یو وکیل چې په ملي امنیت قضیه کې د پیرودونکي نمایندګي کوي ممکن د دې قضیې په اړه د اړیکو خوندي کولو لپاره ډیر کارونه ترسره کړي، لکه د کوډ کښل شوي بریښنالیک کارول خو د کورنۍ غړی چې په منظم ډول مسخره پیشو ویډیوګانې ایمیل کوي دا کار به ونه کړي.

    هغه اختیارونه چي ستاسو لپاره شتون لري ولیکئ ترڅو ستاسو د ځانګړي ګواښونو په کمولو کې مرسته وکړي. دا یادداښت کړئ که تاسو کوم مالي محدودیتونه، تخنیکي خنډونه، یا ټولنیز خنډونه لرئ.

    امنیتي پلان جوړول د یو عادي کړني په توګه

    په یاد ولرئ ستاسو امنیتي پلان جوړونه ممکن ستاسو وضعیت بدلون سره سم بدلون ومومي. پدې توګه، ستاسو د امنیت پلان په مکرر ډول بیاکتنه یوه ښه کړنه ده.

    د خپل ځانګړي وضعیت پر بنسټ خپل امنیتي پلان جوړ کړئ. بیا خپل تقویم په راتلونکي کې د نیټې لپاره په نښه کړئ. دا به تاسو وهڅوي چې د خپل پلان بیاکتنه وکړي او بیرته چیک کړئ ترڅو معلومه کړي ایا دا لاهم ستاسو وضعیت پوري تړاو لري.

    Last reviewed: 
    2-1-2021
  • Communicating with Others

    Telecommunication networks and the Internet have made communicating with people easier than ever, but have also made surveillance more prevalent. Without taking extra steps to protect your privacy, every phone call, text message, email, instant message, video and audio chat, and social media message could be vulnerable to eavesdroppers.

    Often the most privacy-protective way to communicate with others is in person, without computers or phones being involved at all. Because this isn’t always possible, the next best thing is to use end-to-end encryption.

    How Does End-to-End Encryption Work?

    End-to-end encryption ensures that information is turned into a secret message by its original sender (the first “end”), and decoded only by its final recipient (the second “end”). This means that no one can “listen in” and eavesdrop on your activity, including wifi cafe snoops, your Internet service provider, and even the website or app you are using itself. Somewhat counter-intuitively, just because you access messages in an app on your phone or information from a website on your computer does not mean that the app company or website platform itself can see them. This is a core characteristic of good encryption: even the people who design and deploy it cannot themselves break it.

    All the tools that have guides on the SSD site use end-to-end encryption. You can use end-to-end encryption for any kind of communication — including voice and video calls, messaging and chat, and email.

    (Not to be confused with end-to-end encryption is transport-layer encryption. While end-to-end encryption protects messages, for example, all the way from you to your recipient, transport-layer encryption only protects them as they travel from your device to the app’s servers and from the app’s servers to your recipient’s device. In the middle, your messaging service provider—or the website you are browsing, or the app you are using—can see unencrypted copies of your messages.)

    Under the hood, end-to-end encryption works like this: When two people want to communicate via end-to-end encryption (for example, Akiko and Boris) they must each generate pieces of data, called keys. These keys can be used to turn data that anyone can read into data that can be only read by someone who has a matching key. Before Akiko sends a message to Boris, she encrypts it to Boris's key so that only Boris can decrypt it. Then she sends this encrypted message across the Internet. If anyone is eavesdropping on Akiko and Boris—even if they have access to the service that Akiko is using to send this message (such as her email account)—they will only see the encrypted data and will be unable to read the message. When Boris receives it, he must use his key to decrypt it into a readable message.

    Some services, like Google Hangouts, advertise “encryption,” but use keys that are created and controlled by Google, not the sender and final receiver of the message. This is not end-to-end encryption. To be truly secure, only the “ends” of the conversation should have the keys that let them encrypt and decrypt. If the service you use controls the keys, that is transport layer-encryption instead.

    End-to-end encryption means that users must keep their keys secret. It can also mean doing work to make sure the keys used to encrypt and decrypt belong to the right people. Using end-to-end encryption can involve some effort—from simply choosing to download an app that offers it to proactively verifying keys—but it's the best way for users to verify the security of their communications without having to trust the platform that they're both using.

    Learn more about encryption in What Should I know About Encryption?, Key Concepts in Encryption, and Different Types of Encryption. We also explain one particular kind of end-to-end encryption—called “public key encryption”—in more detail in A Deep Dive on End-to-End Encryption.

    Phone Calls and Text Messages versus Encrypted Internet Messages

    When you make a call from a landline or a mobile phone, your call is not end-to-end encrypted. When you send a text message (also known as SMS) on a phone, the text is not encrypted at all. Both allow governments or anyone else with power over the phone company to read your messages or record your calls. If your risk assessment includes government interception, you may prefer to use encrypted alternatives that operate over the Internet. As a bonus, many of these encrypted alternatives also offer video.

    Some examples of services or software that offer end-to-end encrypted texting and voice and video calls include:

    Some examples of services that do not offer end-to-end encryption by default include:

    • Google Hangouts
    • Kakao Talk
    • Line
    • Snapchat
    • WeChat
    • QQ
    • Yahoo Messenger

    And some services, like Facebook Messenger and Telegram, only offer end-to-end encryption if you deliberately turn it on. Others, like iMessage, only offer end-to-end encryption when both users are using a particular device (in the case of iMessage, both users need to be using an iPhone).

    How Much Can You Trust Your Messaging Service?

    End-to-end encryption can defend you against surveillance by governments, hackers, and the messaging service itself. But all of those groups might be able to make secret changes in the software you use so that even if it claims to use end-to-end encryption, it is really sending your data unencrypted or with weakened encryption.

    Many groups, including EFF, spend time watching well-known providers (like WhatsApp, which is owned by Facebook, or Signal) to make sure they really are providing the end-to-end encryption they promise. But if you are concerned about these risks, you can use tools that use publicly known and reviewed encryption techniques and are designed to be independent of the transport systems they use. OTR and PGP are two examples. These systems rely on user expertise to operate, are often less user-friendly, and are older protocols that don’t use all of the modern best encryption techniques.

    Off-the-Record (OTR) is an end-to-end encryption protocol for real-time text conversations that can be used on top of a variety of instant messaging services. Some tools that incorporate OTR include:

    PGP (or Pretty Good Privacy) is the standard for end-to-end encryption of email. For detailed instructions on how to install and use PGP encryption for your email, see:

    PGP for email is best-suited for technically experienced users communicating with other technically experienced users who are well aware of PGP’s complexities and limitations.

    What End-To-End Encryption Does Not Do

    End-to-end encryption only protects the content of your communication, not the fact that you are communicating in the first place. It does not protect your metadata, which includes, for example, the subject line of an email, who you are communicating with, and when. If you are making a call from a cell phone, information about your location is also metadata.

    Metadata can provide extremely revealing information about you even when the content of your communication remains secret.

    Metadata about your phone calls can give away some very intimate and sensitive information. For example:

    • They know you rang a phone sex service at 2:24 am and spoke for 18 minutes, but they don't know what you talked about.
    • They know you called the suicide prevention hotline from the Golden Gate Bridge, but the topic of the call remains a secret.
    • They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour, but they don't know what was discussed.
    • They know you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after, but the content of those calls remains safe from government intrusion.
    • They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's number later that day, but nobody knows what you spoke about.

    Other Important Features

    End-to-end encryption is only one of many features that may be important to you in secure communication. As described above, end-to-end encryption is great for preventing companies and governments from accessing your messages. But for many people, companies and governments are not the biggest threat, and therefore end-to-end encryption might not be the biggest priority.

    For example, if someone is worried about a spouse, parent, or employer with physical access to their device, the ability to send ephemeral, “disappearing” messages might be their deciding factor in choosing a messenger. Someone else might be worried about giving their phone number out, and so the ability to use a non-phone-number “alias” might be important.

    More generally, security and privacy features are not the only variables that matter in choosing a secure communications method. An app with great security features is worthless if none of your friends and contacts use it, and the most popular and widely used apps can vary significantly by country and community. Poor quality of service or having to pay for an app can also make a messenger unsuitable for some people.

    The more clearly you understand what you want and need out of a secure communication method, the easier it will be to navigate the wealth of extensive, conflicting, and sometimes outdated information available.

    Last reviewed: 
    6-9-2020
  • Keeping Your Data Safe

    If you have a smartphone, laptop, or tablet, you’re carrying a massive amount of data with you at all times. Your social contacts, private communications, personal documents and personal photos (many of which have confidential information of dozens, even thousands of people) are just some examples of things you may store on your digital devices. Because we store and carry so much data, it can be hard to keep it safe—especially because it can be taken from you relatively easily.

    Your data can be seized at the border, taken from you in the street, or burgled from your house and copied in seconds. Unfortunately, locking your device with passwords, PINs, or gestures may not protect your data if the device itself is seized. It’s relatively easy to bypass such locks because your data is stored in an easily-readable form within the device. An adversary would just need to access the storage directly in order to copy or examine your data without your password.

    With that said, you can make it harder for those who physically steal your data to unlock its secrets. Here are a few ways you can help keep your data safe.

    Encrypt Your Data

    If you use encryption, your adversary needs both your device and your password to unscramble the encrypted data. Therefore, it's safest to encrypt all of your data, not just a few folders. Most smartphones and computers offer complete, full-disk encryption as an option.

    For smartphones and tablets:

    • Android offers full-disk encryption when you first set up your device on newer devices, or anytime afterwards under its “Security” settings for all devices.
    • Apple devices such as the iPhone and iPad describe it as “Data Protection” and turn it on if you set a passcode.

    For computers:

    • Apple provides a built-in, full-disk encryption feature on macOS called FileVault.  
    • Linux distributions usually offer full-disk encryption when you first set up your system.
    • Windows Vista or later includes a full-disk encryption feature called BitLocker.

    BitLocker's code is closed and proprietary, which means it is hard for external reviewers to know exactly how secure it is. Using BitLocker requires you trust Microsoft provides a secure storage system without hidden vulnerabilities. On the other hand, if you're already using Windows, you are already trusting Microsoft to the same extent. If you are worried about surveillance from the kind of adversaries who might know of or benefit from a backdoor in either Windows or BitLocker, consider an alternative open-source operating system such as GNU/Linux or BSD, especially a version that has been hardened against security attacks, such as Tails or Qubes OS. Alternatively, consider installing an alternative disk encryption software, Veracrypt, to encrypt your hard drive.

    Remember: Whatever your device calls it, encryption is only as good as your password. If an adversary has your device, they have all the time in the world to figure out your passwords. An effective way of creating a strong and memorable password is to use dice and a word list to randomly choose words. Together, these words form your “passphrase.” A “passphrase” is a type of password that is longer for added security. For disk encryption we recommend selecting a minimum of six words. Check out our guide to Creating Strong Passwords for more information.

    It may be unrealistic for you to learn and enter a long passphrase on your smartphone or mobile device. So, while encryption can be useful to prevent casual access, you should preserve truly confidential data by keeping it hidden from physical access by adversaries, or cordoned away on a much more secure device.

    Create a Secure Device

    Maintaining a secure environment can be hard. At best, you have to change passwords, habits, and perhaps the software you use on your main computer or device. At worst, you have to constantly think about whether you're leaking confidential information or using unsafe practices. Even when you know the problems, you may not be able to employ solutions because sometimes people with whom you need to communicate use unsafe digital security practices. For instance, work colleagues might want you to open email attachments from them, even though you know your adversaries could impersonate them and send you malware.

    So what’s the solution? Consider cordoning off valuable data and communications onto a more secure device. You can use the secure device to keep the primary copy of your confidential data. Only use this device occasionally and, when you do, consciously take much more care over your actions. If you need to open attachments, or use insecure software, do it on another machine.

    An extra, secure computer may not be as expensive an option as you think. A computer that is seldom used, and only runs a few programs, does not need to be particularly fast or new. You can buy an older netbook for a fraction of the price of a modern laptop or phone. Older machines also have the advantage that secure software like Tails may be more likely to work with them than newer models. Some general advice is almost always true: When you buy a device or an operating system, keep it up-to-date with software updates. Updates will often fix security problems in older code that attacks can exploit. Note that some older operating systems may no longer be supported, even for security updates.

    When Setting up a Secure Computer, What Steps Can You Take to Make it Secure?

    1. Keep your device well-hidden and don’t discuss its location—somewhere where you are able to tell if it has been tampered with, such as a locked cabinet.
    2. Encrypt your computer’s hard drive with a strong passphrase so that if it is stolen, the data will remain unreadable without the passphrase.
    3. Install a privacy- and security-focused operating system like Tails. You might not be able (or want) to use an open-source operating system in your everyday work, but if you just need to store, edit, and write confidential emails or instant messages from this secure device, Tails will work well and defaults to high security settings.
    4. Keep your device offline. Unsurprisingly, the best way to protect yourself from Internet attacks or online surveillance is to never connect to the Internet. You could make sure your secure device never connects to a local network or Wifi and only copy files onto the machine using physical media, like DVDs or USB drives. In network security, this is known as having an “air gap” between the computer and the rest of the world. While extreme, this can be an option if you want to protect data that you rarely access, but never want to lose (such as an encryption key, a list of passwords, or a backup copy of someone else's private data that has been entrusted to you). In most of these cases, you might want to consider just having a hidden storage device, rather than a full computer. An encrypted USB key kept safely hidden, for example, is probably as useful (or as useless) as a complete computer unplugged from the Internet.
    5. Don’t log in to your usual accounts. If you do use your secure device to connect to the Internet, create separate web or email accounts that you use for communications from this device, and use Tor (see guides for Linux, macOS, Windows) to keep your IP address hidden from those services. If someone is choosing to specifically target your identity with malware, or is only intercepting your communications, separate accounts and Tor can help break the link between your identity, and this particular machine.

    While having one secure device that contains important, confidential information may help protect it from adversaries, it also creates an obvious target. There’s also a risk of losing the only copy of your data if the machine is destroyed. If your adversary would benefit from you losing all your data, don't keep it in just one place, no matter how secure. Encrypt a copy and keep it somewhere else.

    A variation on the idea of a secure machine is to have an insecure machine: a device that you only use when going into a dangerous place or attempting a risky operation. Many journalists and activists, for instance, take a basic netbook with them when they travel. This computer does not have any of their documents or usual contact or email information on it so there’s minimal loss if it is confiscated or scanned. You can apply the same strategy to mobile phones. If you usually use a smartphone, consider buying a cheap throwaway or burner phone when travelling for specific communications.

    Last reviewed: 
    11-2-2018
  • Things to Consider When Crossing the U.S. Border

    Planning on crossing the border into the United States anytime soon? Did you know that the government has the right to, without a warrant, search travelers at the border—including when they land at international airports—as part of its traditional power to control the flow of items into the country? (Note that although some of the same legal justifications exist for searches of those leaving the U.S. and that such searches are possible, travelers are not routinely searched on their way out of the country.)

    For a more in-depth treatment of this issue, check out EFF's guide, Digital Privacy at the U.S. Border: Protecting the Data On Your Devices.

    Here are Some Things to Keep in Mind When Crossing the U.S. Border:

    Border agents may demand your digital data. Consider your individual risk assessment factors. Your immigration status, travel history, the sensitivity of your data, and other factors may influence your choices.

    Be aware that unusual precautions may make border agents suspicious.

    • Back up your devices. This may help in case one or more of your devices is seized. You can use an online backup service or an external hard drive, though we don't recommend carrying both your laptop and your backup hard drive at the same time.
    • Reduce the amount of data you carry over the border. Consider traveling with a "clean" laptop. But note that simply dragging files to your trash doesn't delete them completely. Make sure you securely delete your files. Consider leaving your regular mobile phone at home and purchasing a temporary phone and transferring your SIM card over or getting a new number when you arrive at your destination.
    • Encrypt your devices. We recommend using full-disk encryption  on your devices (laptops, mobile phones, etc.) and choosing secure passphrases.
    • If a border agent asks for your passphrase , you do not have to comply. Only a judge can force you to reveal such information. However, refusal to comply could bear consequences: for noncitizens, you may be refused entry into the country; for citizens, your device may be seized or you may be detained for several hours.
    • Power down your devices before arriving at the border to block high-tech attacks.
    • Don’t rely on fingerprint or other biometric locks; they are weaker than passwords.
    • Agents can get live or cached cloud content from the apps and browsers you have on your device. Consider logging out, removing saved login credentials, or uninstalling sensitive apps.
    • When dealing with border agents, remember these three things: Be courteous, do not lie, and do not physically interfere with the agent’s search. Border agents have a right to look at the physical aspects of your device (e.g., to make sure drugs aren’t stored in the battery compartment of a laptop).

    Not sure you’ll remember these tips? Check out EFF’s Border Search Pocket Guide, designed to be printed, folded, and carried in your pocket while traveling.

     

     

    Last reviewed: 
    10-29-2018
  • Choosing the VPN That's Right for You

    VPN stands for “Virtual Private Network.” When you connect to a VPN, all data that you send (such as the requests to servers when browsing the web) appears to originate from the VPN itself, rather than your own ISP. This masks your IP address, which can be an important tool for protecting your privacy, since your IP address provides an indication of your general location and can therefore be used to identify you.

    In practice, VPNs can:

    • Protect your Internet activity from prying eyes, especially if you’re connected to an unsecure Wi-Fi network in a café, airport, library, or somewhere else.
    • Circumvent Internet censorship on a network that blocks certain sites or services. For example, when you are working from a school’s Internet connection or in a country that blocks content. Note: It’s important to keep up to date on security news for specific countries’ policies on VPNs.
    • Connect you to the corporate intranet at your office while you’re traveling abroad, at home, or any other time you are out of the office.

    One common misconception is that VPNs are just for desktop computers. Logging in to strange or unfamiliar Wi-Fi connections from your phone can be just as risky as logging onto a strange Wi-Fi network from your computer. You can have a VPN on your phone to encrypt traffic from your carrier and Internet Service Provider, or ISP.

    There is no one-size-fits-all solution when it comes to VPNs. Just like email, there are many VPN services out there and you should choose the service that works best for you. Depending on which one you choose, you can benefit from an increased level of security when connected to networks you wouldn’t ordinarily trust. This does mean, however, that you will be placing your trust in the VPN itself.

    So do you need a VPN? And which VPN should you use? The answer to these questions are packed with various considerations and nuances. This guide will help you think through what tools are right for you, and what factors you should consider in your search for a VPN.

    Let’s Start With the Basics: How do VPNs Actually Work?

    This explainer by the Center for Democracy & Technology describes a VPN as a tool that creates “a sort of tunnel for your internet traffic [in order to] prevent outsiders from monitoring or modifying your traffic. Traffic in the tunnel is encrypted and sent to your VPN, which makes it much harder for third parties like internet service providers (ISPs) or hackers on public Wi-Fi to snoop on a VPN users’ traffic or execute man-in-the-middle attacks. The traffic then leaves the VPN to its ultimate destination, masking that user’s original IP address. This helps to disguise a user’s physical location for anyone looking at traffic after it leaves the VPN.”

    We recommend reading the Center for Democracy & Technology’s entire article before continuing on to better understand what VPNs are and how they work.

    Things to Consider: What VPNs Don’t Do

    A VPN protects your Internet traffic from surveillance on the public network, but it does not protect your data from the private network you’re using. If you are using a corporate VPN, then whoever runs the corporate network will see your traffic. If you are using a commercial VPN, whoever runs the service will be able to see your traffic.

    A disreputable VPN service might do this deliberately, to collect personal information or other valuable data.

    The manager of your corporate or commercial VPN may also be subject to pressure from governments or law enforcement to turn over information about the data you have sent over the network. You should review your VPN provider’s privacy policy for information about the circumstances under which your VPN provider may turn your data over to governments or law enforcement.

    You should also take note of the countries in which the VPN provider does business. The provider will be subject to the laws of those countries, including laws governing government requests for information. Laws vary from country to country, and sometimes those laws allow officials to collect information without notifying you or giving you an opportunity to contest it. The VPN provider may also be subject to legal requests for information from countries with whom the countries in which it operates have a legal assistance treaty.

    Most commercial VPNs require you to pay using a credit card, which includes information about you that you may not want to disclose to your VPN provider, as it can easily be linked back to your identity. If you would like to keep your credit card number from your commercial VPN provider, use a VPN provider that accepts bitcoin or gift cards, or use temporary or disposable credit card numbers. Also, note that the VPN provider may still collect your IP address when you use the service, which can also be used to identify you, even if you use an alternative payment method. If you would like to hide your IP address from your VPN provider, you could use Tor when connecting to your VPN, or connect to the VPN only from a public Wi-Fi network.

    How Do I Choose a VPN That’s Right For Me?

    Everyone has different needs for how they hope to use a VPN. And the range and quality of VPNs varies a lot from one service to another. To find the VPN that’s right for you, you can evaluate VPNs based on the following criteria:

    Claims

    Is the VPN provider making claims about their product or services? Maybe they claim not to log any user connection data (see data collection below), or they claim not to share or sell data. Remember that a claim is not a guarantee, so be sure you verify these claims. Dig deep into a VPN provider’s privacy policy to uncover details about how your data is monetized, even if the VPN doesn’t sell it to third parties directly.

    Business model

    Even if a VPN isn’t selling your data, it must be able to stay in operation somehow. If the VPN doesn’t sell its service, how is it keeping its business afloat? Does it solicit donations? What is the business model for the service? Some VPNs run on a “freemium” model, meaning they are free to join, but after you transfer a certain amount of data they will charge you. If your budget is constrained, this is useful information to know.

    Reputation

    It is worthwhile to do a search on the people and organizations associated with the VPN. Is it endorsed by security professionals? Does the VPN have news articles written about it? If the VPN was established by people known in the information security community, it is more likely to be trustworthy. Be skeptical of a VPN offering a service that no one wants to stake their personal reputation on, or one that is run by a company that no one knows about.

    Data collection

    A service that does not collect data in the first place will not be able to sell that data. When looking through the privacy policy, see whether the VPN actually collects user data. If it doesn’t explicitly state that user connection data is not being logged, chances are that it is. And, depending on jurisdiction, a government can demand that data or issue a subpoena for it.

    Even if a company claims not to log connection data, this may not always be a guarantee of good behavior. We encourage you to investigate instances where a VPN has been mentioned in the media. They may have been caught misleading or lying to their customers. A simple search can go a long way.

    Location and laws

    You might choose a VPN based on where its headquarters are based. Choosing a VPN based on the data privacy laws of that country may be an important factor, but please note that laws and policies can change.

    Encryption

    How safe is the VPN encryption? If a VPN is using broken encryption—such as Point-to-Point Tunneling Protocol (PPTP) or weak encryption ciphers—any data flowing through it can be easily decrypted and viewed by your ISP or country. If you’re using a work VPN, contact your IT department and inquire about the security of the connection. Evaluating the strength of encryption in a VPN can be difficult to do, so you may want to check out this VPN comparison chart by That One Privacy Site, which analyzes almost 200 VPN providers based on their jurisdictions and policies.

    EFF cannot vouch for these or any VPN ratings. Some VPNs with exemplary privacy policies could be run by devious people. Do not use a VPN that you do not trust.

    Remember: There is no one-size-fits-all VPN. There are many factors to consider when choosing a VPN. Always remember to consider your security plan before making any decisions about the tools you use to protect your digital security.

    Last reviewed: 
    3-7-2019
Next:
JavaScript license information