Digital Privacy Black Paper: A Guide to Giving NSA the Finger...Without Them Ever Noticing

7/28/2019 Digital Privacy Black Paper: A Guide to Giving NSA the Finger...Without Them Ever Noticing

1/19

DIGITAL PRIVACY

BLACK PAPER

A GUIDE TO GIVING NSA THE FINGER..

WITHOUT THEM EVER NOTICING


2/19

DIGITAL PRIVACY BLACK PAPER

2

Im not here to tell you that we are being spied on.

That Facebook is keeping track o you and your riends.

That Google is storing your searches, your locations, your emails,your browsing history. Everything.

That the NSA can listen in on every phone call and read every textmessage.

Everybody knows that.

They know it. We know it. We know that they track our every

move. We know about their social network profling and enormousdata centers they are building all over the country.

As Ive said beore, rom Obamas kill switch, to ACTA, SOPA and PIPA, to stasi tactics against people likeKim Dotcom, hardly a month goes by without some major action against Internet users.

But its whats going on in the background that you should be worried about.

As William Binney, another NSA whistleblower and the agencys ormer Technical Director, recently toldme in the May 2013 edition o our premium service, Sovereign Man: Condential

It was around 2003 when they started putting optical bers coming into the US through Y-connector Narusdevices. Basically these wouldduplicate the datacoming across the Internetone set o packets would go thenormal route, the other set would go to NSA acilities.

There, they collect all the data coming in through fber optics, reassemble all the data packets into useableinormation-- emails, le transers, etc. and then pass it along or storage.

That means they are taking all that data o the ber optic lines at 20 main convergence points in the US,collecting almost all o the Internet trac passing through the US. This gets them pretty much control overthe digital world.

But this is no guide to PRISM or other surveillance programs carried out by governments around theworld.

No, this Black Paper is about solutions. And weve intentionally kept this as a short list o actionablesolutions. No fu.

This Black Paper is about how you can reclaim some o your privacy and integrity in a world o Big Brothersurveillance; how you and your riends can give all state surveillance and unwarranted consumer prolingthe nger...without them ever knowing where you disappeared.


3/19


3

In a perect world there would not be government agents spying on you. And youd be able to go aboutyour daily lie without worrying about someone reading your emails or text messages.

But we are not living in a perect world, and thus you can always expect the government to do what they

have always done throughout history; they lie, they steal, they kill, they spy, and they always strive or morepower and more control.

The bottom line is; when it comes to your reedom o integrity and privacy, the government cannot give itto you.

Because your reedom is not theirs to give.

It belongs to you and you alone.

I you want it back, you must take it or yoursel

This Black Paper will help you with that.

These are important steps. Please, share this Black Paper with your riends and amily, or share this linkwith your social networks.

Now lets take back your privacy.

To your reedom,

Simon BlackEditor, SovereignMan.com
http://www.sovereignman.com/nsa-black-paper/http://www.sovereignman.com/http://www.sovereignman.com/http://www.sovereignman.com/nsa-black-paper/


4/19


4

WHAT YOULL LEARN IN THIS BLACK PAPER

Keep It Simple Stupid (KISS) .................................................................................................................5How These Tools And Services Were Selected.........................................................................................5

Secure Your Social Media Habits ............................................................................................................6

Secure Your Browsing .............................................................................................................................7

Anonymous Browsing on Laptops .....................................................................................................7

The #1 Browser Add-On You Should Install ......................................................................................7

Anonymous Browsing on Android .....................................................................................................8

Anonymous Browsing on iOS ...........................................................................................................8

Secure Your Searches (And Drop O The Tracking Radar) .....................................................................8

Secure Your Email ..................................................................................................................................9

1. Move Your Email Hosting Oshore .............................................................................................102. Dont Save Your Emails Forever ...................................................................................................10

3. Encrypt Your Emails ....................................................................................................................11

Encrypted Email or OS X / Windows / Linux ...........................................................................11

Encrypted Email or Android ......................................................................................................11

Encrypted Email or iOS .............................................................................................................11

Secure Your Chat and Text Messages ....................................................................................................12

Encrypted Chat or OS X / Windows / Linux .................................................................................12

Cryptocat ...................................................................................................................................12

Pidgin / Adium / Jitsi .................................................................................................................14

Encrypted Chat or Android ............................................................................................................14Encrypted Chat or iOS ..................................................................................................................14

Secure Your Voice Calls ........................................................................................................................15

Encrypted Voice Calls or OS X / Windows / Linux ........................................................................15

Jitsi + Ostel.co ............................................................................................................................15

Encrypted Voice Calls or Android ..................................................................................................16

CSipSimple app + Ostel.co .........................................................................................................16

RedPhone ...................................................................................................................................16

Encrypted Voice Calls or iOS .........................................................................................................16

Groundwire app + Ostel.co ........................................................................................................16

Platorm Independent Voice Call Encryption ..................................................................................16Silent Phone ...............................................................................................................................16

Secure Your Stored Data .......................................................................................................................17

...on your harddrive .........................................................................................................................17

...in the cloud ..................................................................................................................................17

Secure Your Payments ...........................................................................................................................18

The Bottom Line & Next Steps ............................................................................................................18


5/19


5

Keep It Simple Stupid (KISS)= The rst rule o protecting your privacy online and ofine.

I a solution or sotware is too complicated, chances are you wont use it, and what good is it then?

This guide is only about the simple solutions; the sotware, the services, and the solutions that you actuallycan use on a daily basis without wanting to pull your hair out.

First o all, in each section you will learn what NOT to do.

Second, You will learn how to sur, email, chat, talk, store data, and buy stu, securely and privately.

You will learn how to make it quite a bit harder or the NSA to spy on you and map your lie.

How These Tools And Services Were SelectedYou will notice as you read through this report that most o the tools are open-source. This means that thesource code is open or anyone to see and improve the sotware, and also that its ree to redistribute thesotware and share it with your riends.

This selection is intentional.

First, because when its ree more people will use it.

And second, because i the source code is available or anyone to view, its harder, i not impossible, to hide

a backdoor in the sotware that can allow someone to track and log your activities or even gain direct accessto your computer.

For example; the source code or Skypeis closed so we dont really know i a backdoor is built in or not. Itwould not be surprising i there is a backdoor considering how Microsot, the owner o Skype, bends overbackwards or the US government in other matters.

Jitsion the other hand is another voice call sotware that well cover in the section on encrypted voice callsand its open-source, so i a backdoor was built in it would quickly be discovered.

But just because something cost money or is not open-source does not mean you should avoid it, it justmeans you need to take a rational and calculated approach to choosing the tools that best suit your needs.

So lets get started.
http://opensource.org/docs/osdhttp://opensource.org/docs/osd


6/19


6

TIP

Secure Your Social Media HabitsMost o this report is about communicating privately, but as we are living in the age o social media theresanother aspect o privacy that you need to consider. That the data you wantto share with the world can beas dangerous and revealing as the data you want to keep or yoursel.

So dont share your whole life on Facebook.

This may apply more to the young people in the audience, but think about it; i youre an average visitor tosocial media websites and apps such as Facebook, Twitter, Instagram, etc., chances are you share some o theollowing inormation:

Your name

Your birth date

What you look like

Past and present locations where youve lived, worked, gone to school, etc.

Your uture travel plans

What your liestyle looks like

Your interests

Your political and religious views

Who your riends are

Details o amily members

And last but not least, your location every time you log in

What more could a government agency ask or?

So when it comes to social media, just think one extra time beore you post something online, it can saveyou trouble years down the road.


7/19


7

Secure Your BrowsingThe rst step to securing and anonymizing your Internet browsing is to choose a good browser, and lets startwith the browser on your computer.

Anonymous Browsing on Laptops

Google and Microsot are both sharing bed with the NSA, so it does not make much sense to use GoogleChrome or Internet Explorer.

Instead, visit the Tor Project and download the Tor Browser Bundle, which is a version o Mozilla Fireox thathas been customized to use an anonymous subnetwork which anonymizes your trac. Heres how it works.

As an example, lets say your in New York City and you visit a website or log into Facebook via the TorBrowswer. Instead o showing your IP address and location (which identies your specic computer),

accessing via the Tor network might show that your trac is originating rom London or Barcelona.

Thus with the Tor Browser Bundle, you do not reveal your location and identityevery time you visit a website.This isveryimportant or online privacy.

Download the Tor Browser Bundle here, extract the archive, start it up, and youre almostready or browsingthe internet more securely.

The #1 Browser Add-On You Should Install

One thing Tor cannot do is itcannotencrypt Internet trafc between the Tor network and its fnal destination.

This means that whenever you are communicating inormation you want to keep sae, or example when youlog into a website with a username and password or you log into your online bank, then make sure you areusing HTTPS instead o HTTP.

A useul (andree) plugin that I recommend you install on the Tor Browser is HTTPS Everywhere by theElectronic Frontier Foundation(EFF) and the Tor Project. This pluginorcesan https connection withmany major websites and thus encrypts your communications.
https://www.torproject.org/https://www.torproject.org/projects/torbrowser.html.enhttps://www.torproject.org/about/overview.html.enhttps://www.torproject.org/download/download-easy.html.enhttps://www.eff.org/https-everywherehttps://www.eff.org/https-everywherehttps://www.torproject.org/download/download-easy.html.enhttps://www.torproject.org/about/overview.html.enhttps://www.torproject.org/projects/torbrowser.html.enhttps://www.torproject.org/


8/19


8

But keep in mind when you browse, that i the browsers lock icon is broken or carries an exclamation mark,you may remain vulnerable to some adversaries that use active attacks or trac analysis.

Anonymous Browsing on AndroidI youve got Android then install the Orbot and Orweb apps.Orbot lets you unnel and encrypt your smart phone tracthrough the Tor network and thus makes it anonymous, andOrweb is a web browser thats customized to work with Orbot oranonymous browsing on the go.

Anonymous Browsing on iPhone or iPad

I you use an iPhone or iPad (iOS) device, then check out the Onion Browser ($0.99), which also enablesanonymous browsing over the Tor network.

Secure Your Searches (And Drop O The Tracking Radar)As you might know, Google stores details about all o your searches-- not only the search term itsel but alsoyour location, time and date, etc. (Heres how it works)

They do this so they can customize your search experienceand deliver targeted ads. We also know that they canshare all o this data with your government, and they requently do just that.

The nice thing is there are other search engines out there that will satisy your search needs just as well, withoutletting Big Brother peek over your shoulder as you search.

Introducing the search engine or privacy-minded olks: DuckDuckGo.
https://guardianproject.info/apps/orbot/https://guardianproject.info/apps/orweb/https://guardianproject.info/apps/orbot/https://guardianproject.info/apps/orweb/https://guardianproject.info/apps/orbot/https://guardianproject.info/apps/orweb/https://guardianproject.info/apps/orbot/https://guardianproject.info/apps/orweb/https://itunes.apple.com/us/app/onion-browser/id519296448http://donttrack.us/https://duckduckgo.com/https://duckduckgo.com/http://donttrack.us/https://itunes.apple.com/us/app/onion-browser/id519296448https://guardianproject.info/apps/orweb/https://guardianproject.info/apps/orbot/


9/19


9

DuckDuckGo does not collect or share anypersonal inormation. I use it mysel, and I can attest that thesearch results are more than satisying when compared to Googles search results.

So go and bookmarkhttps://duckduckgo.com, or better yet install their Fireox add-on in your Tor Browser.

Searching on the go?

Get the DuckDuckGo app or iOS orAndroid.

But...you are not onlyactivelytracked when you search on Google or watch videos on Youtube. You are alsopassivelytracked when you browse the web through the countless o tracking scripts that you unknowinglyrun, and cookies that are saved to your computer, when you visit a website.

Google Analytics is just one example, and its rare to nd a website today that does not have Google Analyticstracking set up. This means that you can be tracked on the majority o websites that you visit, and we allknow where this data might end up...

The solution?

Block the trackers, so that you stayinvisibleto websites you visit.

To do this, install the browser plugins BetterPrivacyand DoNotTrackMe on the Tor Browser that Irecommended earlier in this chapter.

One nal add-on to the Tor Browser that you might want to consider is the NoScript plugin, which blocksjavascript on the websites you visit. Ill let the creators explain why this may make sense:

NoScript allows JavaScript, Java and other executable content to run only rom trusted domains o your choice,

e.g. your home-banking web site, guarding your trust boundaries against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts

I know that sounds advanced, but i you want to maximize your browser security then you should giveNoScript a try and whitelist only the websites that you trust.

Secure Your EmailWhether you have a PC, a Mac, or only a smartphone, you can get started airly easily with encrypting youremails with state o the art encryption.

But rst, lets get one thing out o the way: i you suspect its a bad idea to use Gmail or Hotmail(nowOutlook), youre correct!

Even Hushmail, a company that prides itsel with oering Free Email with Privacy, has been proven to becooperative with government, as in the cases where they have handed over cleartext copies o private e-mailmessages at the request o law enorcement agencies.

They also, as the other big online email services, record your IP address (and thus location) every time youlog in to check your email.
https://duckduckgo.com/https://addons.mozilla.org/en-US/firefox/addon/duckduckgo-for-firefox/https://play.google.com/store/apps/details?id=com.duckduckgo.mobile.androidhttps://play.google.com/store/apps/details?id=com.duckduckgo.mobile.androidhttps://addons.mozilla.org/en-US/firefox/addon/betterprivacy/https://addons.mozilla.org/en-US/firefox/addon/donottrackplus/https://addons.mozilla.org/en-US/firefox/addon/noscript/https://addons.mozilla.org/en-US/firefox/addon/noscript/https://addons.mozilla.org/en-US/firefox/addon/donottrackplus/https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/https://play.google.com/store/apps/details?id=com.duckduckgo.mobile.androidhttps://play.google.com/store/apps/details?id=com.duckduckgo.mobile.androidhttps://addons.mozilla.org/en-US/firefox/addon/duckduckgo-for-firefox/https://duckduckgo.com/


10/19


10

So dont use Gmail or any other common cloud based email service or that matter. All o these companieswill hand over your data as soon as a government agency knocks on their door.

Now, encryption is all the rage right now, but encryption is only the last step out o three that you need totake to secure your email.

1. Move Your Email Hosting Offshore

First, get your own web domain. I you want to go the whole nine yards then avoid the common .com / .org /.net / .us domains, because they are under the control o the US government, and the US government have atrack record o seizing domains they can get their hands on i they think they have a good reason or it.

Domain suxes such as .no (Norway) or .at (Austria) are run by national-level, non-US agencies that are notunder the jurisdiction o the US government.

When you have your own web domain, the next step is to set up your email on an oshore server outside o yournative country, and outside o the US. This is not as hard as it sounds, because there are several companies outthere oering cheap solutions.

For example NeoMailBoxhas servers in Switzerland and oers secure email with built in encryption starting at~$4 per month.

Another alternative thats a bit pricier but more user riendly is the Silent Circle. Their Silent Mail service oersstate o the art encryption and comes with your own @silentmail.com email address. Silent Mail is part o thegrowing Silent Circle suite, and comes rom the PGP creator Phil Zimmerman himsel.

But remember, using an oshore email provider does not guarantee privacy or security unless you encrypt your

emails. But it does decrease the likelihood o your email account being seized by your home government bycreating a wall o legal hurdles or anyone who want to gain access to your emails, assuming o course that theytry and gain access the legal way.

Because as Henry Kissinger, ormer US National Security Advisor and Secretary o State, once said: [March 10,1975 in Ankara, Turkey]

The illegal we do immediately. The unconstitutional takes a little longer.

So there are two more steps Id recommend you do that will protect you even i someone would gain ull access toyour email account.

2. Dont Save Your Emails ForeverBecause then what happens i someone gain access to your account? They nd years and years o email history.Not smart.

I you use a decent email hosting provider you should be able to congure the email client to delete old emailsater a month, year, etc.
https://www.neomailbox.com/services/secure-emailhttps://silentcircle.com/https://silentcircle.com/web/silent-mail/https://silentcircle.com/web/silent-mail/https://silentcircle.com/https://www.neomailbox.com/services/secure-email


11/19


11

3. Encrypt Your Emails

This is the big step. Because i youve encrypted your emails, even i someone gains access to message, alltheyll see is gibberish. Dont orget to encrypt your email drats as well, or better dont save the drats at all.

The worldwide gold standard or email encryption is Pretty Good Privacy(PGP), or its ree cousin GnuPrivacy Guard (GPG). PGP is so good that when it was rst invented, the US government consideredit a military-grade weapon and they spent years trying to pin criminal charges on its inventor PhilZimmerman or violating the Arms Export Control Act.

Encrypted Email or OS X / Windows / Linux

You can congure PGP or GPG to work with most major email clients, including Outlook, Mac Mail, andMozilla Thunderbird.

The simplest way to get started with encrypting your emails with GnuPGP is to download and installMozilla Thunderbird along with the Enigmail add-on(check out their Quick Start Guide), along withyour oshore email account.

Encrypted Email or Android

I you have a smart phone then unortunately there are not many user riendly alternatives out there. I youare running Android theres the agingAPG (Android Privacy Guard) app that works with the excellent K-9Mail email app. Theyre both ree, although they do require some prociency in setting up.

The Guardian Project is hard at work on getting a user riendly GPG app or Android out that makes iteasy or everyone to use, and we are keeping our eyes on that project.

Encrypted Email or iOS

Take a look at iPGMail ($1.99), that is an app that implements the OpenPGP standard (RFC 4880) andallows the user to create and manage both public and private (RSA and DSA) PGP keys and send and receive

PGP encrypted messages.
https://en.wikipedia.org/wiki/Pretty_Good_Privacyhttp://www.gnupg.org/http://www.gnupg.org/http://www.gnupg.org/https://www.mozilla.org/en-US/thunderbird/https://www.mozilla.org/en-US/thunderbird/http://www.enigmail.net/home/index.phphttp://www.enigmail.net/documentation/quickstart.phphttps://code.google.com/p/android-privacy-guard/https://play.google.com/store/apps/details?id=com.fsck.k9https://play.google.com/store/apps/details?id=com.fsck.k9https://guardianproject.info/https://itunes.apple.com/us/app/ipgmail/id430780873https://itunes.apple.com/us/app/ipgmail/id430780873https://guardianproject.info/https://play.google.com/store/apps/details?id=com.fsck.k9https://play.google.com/store/apps/details?id=com.fsck.k9https://code.google.com/p/android-privacy-guard/http://www.enigmail.net/documentation/quickstart.phphttp://www.enigmail.net/home/index.phphttp://www.enigmail.net/home/index.phphttps://www.mozilla.org/en-US/thunderbird/https://www.mozilla.org/en-US/thunderbird/http://www.gnupg.org/http://www.gnupg.org/http://www.gnupg.org/https://en.wikipedia.org/wiki/Pretty_Good_Privacy


12/19


12

Secure Your Chat and Text MessagesIn this section youll learn how to securely chat with and text your riends and amily, and well cover ree

solutions or your laptop, your Android smart phone, or your iOS device.

First o, chances are you are currently using the Facebook chat, Skype, Google Talk, Whatsapp, MSN, orregular texting to chat with your riends.

Dont. Because i you do, then the state can read your conversations as an open book.

So lets tighten up your instant messaging security.

First o, i you and your riends happen to have Android smart phones and you text each other, then checkout TextSecure.

TextSecure is a ree and open source app byOpen WhisperSystems that encrypts your textmessages over the air and on your phone. Its almost identical to the normal text messagingapplication, and is just as easy to use.

It will not only encrypt your text messages locally on your phone, but also encrypt themover the air, or ull privacy. So i you lose your phone, your text messages will still beprotected with ull encryption (just make sure you choose a strong password and not abc123).

But remember that even though your text messages will be encrypted, your phone company and the NSAwill still be able to see that it was you who sent the message, and who received it. So all o that socialnetwork proling will still be going on even though they dont know what youre talking about.

Thats why I recommend you use one o the instant messaging solutions below instead. They all use theO-the-Record (OTR) cryptographic protocol, and when combined with Tor no one will be able to knowwho you are, who you are talking to, or what youre talking about.

The best thing is, with any o the solutions below (except or Cryptocat), the OTR protocol is platormindependent, which means you can chat on your iPhone with someone using an Android, PC, or Mac, aslong as they also have a client that supports OTR.

Encrypted Chat for OS X / Windows / Linux

Cryptocat

I you want a really easy solution that just works, then tryCryptocat. Its an easy to use instantmessaging client that encrypts your communication with the OTR protocol, and as many other o ourrecommendations in this Black Paper its ree and open-source.

To get started you can either install the Fireox plugin or your Tor Browser or i you have a Mac you candownload the Cryptocat application in the app store.
https://play.google.com/store/apps/details?id=org.thoughtcrime.securesmshttps://whispersystems.org/https://www.torproject.org/https://crypto.cat/https://addons.mozilla.org/en-US/firefox/addon/cryptocat/https://itunes.apple.com/us/app/cryptocat/id613116229https://itunes.apple.com/us/app/cryptocat/id613116229https://addons.mozilla.org/en-US/firefox/addon/cryptocat/https://crypto.cat/https://www.torproject.org/https://whispersystems.org/https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms


13/19


13

When you start it up it will look like this:

Its really easy to get started with Cryptocat. Just enter aconversation nameand anick name, and then clickconnect. To chat with a riend they just have to enter the same conversation name and you will have yourown private and encrypted chat room.

As the team behind Cryptocat warns though, this is not a perect solution:

Cryptocat does not anonymize you: While your communications are encrypted, your identity can still betraced since Cryptocat does not mask your IP address. For anonymization, we highly recommend usingTor.

Cryptocat does not protect against key loggers: Your messages are encrypted as they go through the wire, butthat doesnt mean that your keyboard is necessarily sae. Cryptocat does not protect against hardware or sotwarekey loggers which might be snooping on your keyboard strokes and sending them to an undesired third party.

Cryptocat does not protect against untrustworthy people: Parties youre conversing with may still leak yourmessages without your knowledge. Cryptocat aims to make sure that only the parties youre talking to get yourmessages, but that doesnt mean these parties are necessarily trustworthy.


14/19


14

Pidgin / Adium / Jitsi

According to the EFF, The easiest way to use OTR encryption [on a laptop] is to use Pidgin orAdium oryour IMs (Pidgin is a program that will talk to your riends over the MSN, Yahoo!, Google, Jabber, andAIM networks; Adium X is similar program specically or Mac OS X).

I youre using Pidgin [the Windows sotware], install the the OTR encryption plugin or that client.Adium [the Mac sotware] comes with OTR built in.

With OTR encryption installed, you still need to do a ew things or network privacy:

Read and understand OTR encryptionss inormation

Make sure the people you are talking to also use OTR encryption, and make sure its active. (In Pidgin,check or OTR:private or OTR:unveried in the bottom right corner.)

Follow OTR encryptions instructions to Conrm any person you need to have sensitive conversationswith. This reduces the risk o an interloper (including the government with a warrant) being able to trickyou into talking to them instead o the person you meant to talk to. Recent versions o OTR encryptionallow you to do this just by agreeing on a shared secret word that you both have to type (what was thename o the riend who introduced us?). Older versions required that both users check that their clientreported the right ngerprint or the other client.

I youd like to learn more about using Pidgin with OTR then heres a detailed guide that my team dug up.

Jitsi is also a good open-source alternative with OTR support, and as youll see in the next section you canalso use Jitsi or encrypted voice and video calls.

Encrypted Chat for AndroidI you have an Android phone and want to chat in private, then the Gibberbot app is what youre lookingor. Its open source, its ree, and you can chat with your riends on Google Chat (GChat), Facebook Chat,VKontakte, Yandex, Hyves, Odnoklassniki, StudiVZ, Livejournal, Jabber, etc.

The Guardian Project has a great guide that will get you started with Gibberbot. Check it out here.

Gibberbot also works great with Orbot that we covered in the browser section, which allows you to chatcompletely anonymous.

Encrypted Chat for iOS

The ree ChatSecure app or iPhone and iPad is, just as Gibberbot or Android, an open-source app thatuse the O-the-Record protocol or encrypted instant messaging.

Did I mention its ree?
http://www.pidgin.im/http://adium.im/http://www.cypherpunks.ca/otr/help/buttonhelp.php?lang=en%20statushttp://en.wikipedia.org/wiki/Public_key_fingerprinthttps://securityinabox.org/en/pidgin_mainhttps://jitsi.org/https://guardianproject.info/apps/gibber/https://guardianproject.info/howto/chatsecurely/https://guardianproject.info/apps/orbot/http://chrisballinger.info/apps/chatsecure/http://chrisballinger.info/apps/chatsecure/https://guardianproject.info/apps/orbot/https://guardianproject.info/howto/chatsecurely/https://guardianproject.info/apps/gibber/https://jitsi.org/https://securityinabox.org/en/pidgin_mainhttp://en.wikipedia.org/wiki/Public_key_fingerprinthttp://www.cypherpunks.ca/otr/help/buttonhelp.php?lang=en%20statushttp://adium.im/http://www.pidgin.im/


15/19


15

Secure Your Voice CallsWith voice calls lets limit ourselves to VoIP calls, i.e. calls made over the internet, because even i youencrypt calls over the regular cell phone network your telecom provider stores who you talk with, when youtalk, and your physical location.

Lets start with what you should notbe using to make voice calls.

Dont use Skype or Google Voice.

Sure, they do encrypt your voice calls and as Skype states on their homepage; this protects yourcommunications rom alling into the hands o hackers and criminals.

However, they ail to mention i that encryption also protects your communication rom alling into thehands o government ocials, and will not comment on their rumored backdoor ability to grant lawenorcement the privilege o listening in on your calls.

There are more secure alternatives, many o them using the OpenSecure Telephony Network (OSTN) and the server provided by theGuardian Project, ostel.co.

The rst step to make encrypted voice calls over OSTN is to sign upor a ree account at ostel.co. The username you choose will be the name your riends enter when they wantto call you.

Next step is to download one o the clients below depending on your platorm and then add your OSTNaccount, and o course to call a riend over an encrypted line they will also need an ostel.co account andone o the below clients.

When using any o the clients below with OSTN, all the trac is routed through the Ostel server. Thismakes is very dicult to track and trace. Not to mention, Ostel doesnt retain any o this data.

Heres instructions rom Ostel on how to check i its working:

Ater you install the app on your device, you can test that everything is working by calling the user code named9-1-9-6. In this echo test, you should hear your own voice when you speak into the phone. You should also seeZRTP - OK in the yellow bar near the top o the screen, letting you know that the encryption is working.Now you can place ree and secure calls to your riends who also have Ostel set up. To ensure maximum security,conrm that the same 4-digit code appears on both phones.

Encrypted Voice Calls for OS X / Windows / LinuxJitsi + Ostel.co

The open-sourceJitsi app can encrypt your voice and video calls over OSTN. Download the sotwarehere and to add your OSTN account, add aSIP account to Jitsi with your [email protected] email andpassword.
https://ostel.co/https://ostel.co/https://ostel.co/https://jitsi.org/Main/HomePagehttps://jitsi.org/Main/Downloadhttps://jitsi.org/Main/Downloadmailto:[email protected]:[email protected]://jitsi.org/Main/Downloadhttps://jitsi.org/Main/Downloadhttps://jitsi.org/Main/HomePagehttps://ostel.co/https://ostel.co/https://ostel.co/


16/19


16

Encrypted Voice Calls for Android

CSipSimple app + Ostel.co

The CSipSimple app or Android enables you to communicate securely over OSTN. Just download theapp in the Google Play store, add your Ostel.co account in their account wizard (with ostel.co as the servername), and then youre all set to call your riends.

RedPhone

An alternative solution or Android is the ree RedPhone app byOpen WhisperSystems. Its also opensource, and has seen real action when it was (and still is) used by dissidents in Egypt during the recentturmoil. Just install it, launch it, and call a riend, and i they have RedPhone installed you will see anotication asking i you want to upgrade to an encrypted call.

One word o caution though: RedPhone only encrypts the trac between your phone and the other end othe line. As the Tactical Technology Collectivesays it becomes easier to analyze the trac it produces and traceit back to you, through your mobile number. RedPhone uses a central server, which is a point o centralizationand thus puts RedPhone in a powerul position (o having control over some o this data).

Encrypted Voice Calls for iOS

Groundwire app + Ostel.co

The Groundwire app or iPhone and iPad ($9.99) will allow you to receive encrypted voice calls overOSTN. An additional $25 (in-app purchase) will unlock the ZRTP extension that will allow you to alsoplace secure calls.

Platform Independent Voice Call Encryption

Silent Phone

Silent Phone is part o the Silent Circlesuite and comes rom PGP inventor Phil Zimmerman himsel, andhave apps or both iOS and Android.

As Silent Circle states on their website no one can listen in, no one can wiretap. Youll get your ownunique 10-digit phone number when you sign up, and the app works over 3G, 4G, or WiFi networks.

As part o the Silent Circle suite you will also nd Silent Eyes or Windows that enables encrypted videochat(Mac users, see Jitsi above), and Silent Text (currently only or iOS) .
https://play.google.com/store/apps/details?id=com.csipsimplehttps://play.google.com/store/apps/details?id=org.thoughtcrime.redphonehttps://whispersystems.org/https://itunes.apple.com/en/app/groundwire-business-caliber/id378503081https://silentcircle.com/web/silent-phone/https://silentcircle.com/web/silent-eyes/https://silentcircle.com/web/silent-text/https://silentcircle.com/web/silent-text/https://silentcircle.com/web/silent-eyes/https://silentcircle.com/web/silent-phone/https://itunes.apple.com/en/app/groundwire-business-caliber/id378503081https://whispersystems.org/https://play.google.com/store/apps/details?id=org.thoughtcrime.redphonehttps://play.google.com/store/apps/details?id=com.csipsimple


17/19


17

Secure Your Stored DataThere are many reasons or why youd want to encrypt your les, photos, or documents.

...on your harddrive

With the open-source sotware TrueCrypt you can encrypt les containing sensitive inormation. You cancreate an encrypted le container or you can encrypt an USB drive, or your entire hard drive.

Download TrueCrypt here, and then check out their beginners tutorial.

On a Mac, TrueCrypt limits you to creating encrypted le containers, but i you happen to have a Macrunning OS X 10.7 or newer you can encrypt the whole hard drive using FileVault, a built in encryptionsolution.

For a complete guide to FileVault click here.

...in the cloudWe now know that Dropbox has been in the pipeline to be added to NSAs intelligence gathering programPRISM, so its clear that you should not store sensitive les or documents on Dropbox. Neither can GoogleDrive, Amazon S3, or iCloud be considered secure places or your data.

You want a cloud storage provider that takes security and privacy seriously and oer strong encryption, andi this is what youre looking or then check out cloud storage provider Mega.co.nz. Ill let the team behindMega introduce themselves:

We are a dedicated group o technologists who were given the time,opportunity and Internet access to build an awesome cloud storage

service that will help protect your privacy. We have programmedthis Internet service rom scratch in Auckland, New Zealand.Unlike most o our competitors, we use a state o the art browserbased encryption technology where you, not us, control the keys.

The entrepreneur behind Mega, Kim Dotcom, is currentlyreleased on bail acing possible extradition to the US in theMegaupload case. I you want to learn what thats all about,then watch this interviewwith Kim.

To get started with encrypted cloud storage you can sign up or a ree account at Mega.co.nz where you get50GB online storage. I you need more than that you get a lot o bang or your buck with their Pro plans,so drop Dropbox and give Mega a try.
http://www.truecrypt.org/http://www.truecrypt.org/downloadshttp://www.macworld.com/article/1162999/complete_guide_to_filevault_2_in_lion.htmlhttps://mega.co.nz/http://kim.com/http://youtu.be/ZvrRaeHD5TEhttps://mega.co.nz/https://mega.co.nz/http://youtu.be/ZvrRaeHD5TEhttp://kim.com/https://mega.co.nz/http://www.macworld.com/article/1162999/complete_guide_to_filevault_2_in_lion.htmlhttp://www.truecrypt.org/downloadshttp://www.truecrypt.org/


18/19


18

Secure Your PaymentsThis one is easy.

Whenever possible, pay in cash.

By not using your credit card or every purchase you remove yet another source o data that can be trackedand stored indenitely.

I you cant pay in cash, then consider paying in Bitcoin, i possible.

Bitcoin is a digital currency that is completely decentralized. There is no Bitcoin issuer that regulates itssupply like a central bank, and no tiny elite that has the power to conjure new Bitcoins out o thin air.

As such, Bitcoin itsel is nearly impossible to regulate, as I noted in a recent article.

Full anonymity requires special eorts though, and heres what you need to know about using Bitcoin.

Download the Bitcoin wallet client here, and to ll up on Bitcoins you can visit MtGox.com or Coinbase.com, both o them reputable exchanges.

The Bottom Line & Next StepsDont count on government ocials, or other bad guys or that matter, to respect your privacy. Their trackrecord proves they dont give a hoot, because or them anything goes in the name o national security.

Nowadays when you can be a potential terrorist or just about anything, do you really want the state to beable to read you as an open book and store that data orever on a NSA server in the Utah desert?

It might be easy to think that since youre doing nothing wrong then you have nothing to worry about, i.e. thenothing to hide, nothing to ear argument. Ill say it again, its total BS, because privacy is a right, not a privilege.

Even still, the aux justice system is littered with innocent people who have had their own data wrongullyacquired and used against them.

Our core ethos at Sovereign Man deserves repeating, and it is doing what makes sense no matter what.Taking basic steps to saeguard your communications simply makes sense no matter what. So start soonerrather than later.

In our ree newsletter Notes rom the Field I share other strategies that makes sense no matter what, things like:

opening an oshore bank account in a healthy jurisdiction to protect against insolvent banks

buying and storing gold and silver oshore to protect your wealth against infation and corrupt governments

moving your hard earned retirement savings overseas so insolvent governments cant steal it
http://bitcoin.org/http://www.sovereignman.com/trends/us-treasury-denies-it-is-trying-to-torpedo-bitcoin-12056/http://bitcoin.org/en/you-need-to-knowhttp://bitcoin.org/en/choose-your-wallethttps://mtgox.com/https://coinbase.com/https://coinbase.com/https://coinbase.com/https://coinbase.com/https://mtgox.com/http://bitcoin.org/en/choose-your-wallethttp://bitcoin.org/en/you-need-to-knowhttp://www.sovereignman.com/trends/us-treasury-denies-it-is-trying-to-torpedo-bitcoin-12056/http://bitcoin.org/


19/19


establishing residency in some thriving and exotic country as a backup plan or just to build that better lie

investing in productive arm land that will put money in your pocket when things are going well, andood on your table when the shit hits the an

I you liked this Black Paper on how to give NSA the nger, then I invite you to join me and over ahundred thousand other men and women as we together explore the uture o reedom and prosperity inSovereign Mans ree newsletter, Notes rom the Field.

Click here to sign up or Notes rom the Field
http://www.sovereignman.com/newsletter/http://www.sovereignman.com/newsletter/

Documents

Digital Privacy Black Paper: A Guide to Giving NSA the Finger...Without Them Ever Noticing