THE COLLEGE HILL INDEPENDENT


Corrupted Installation

Protecting privacy under the 45th president

by Jonah Max

published November 18, 2016


When Donald J. Trump assumes the presidency on January 20, he will be stepping into an office whose powers have swelled to phenomenal heights over the past 15 years. What were once considered controversial executive practices under Bush and Cheney have now been ossified as bipartisan security measures under Obama. Programs such as Bush’s warrantless wiretapping originally drew censure from prominent Democrats who, in a 2006 Senate Resolution, considered it an act of executive “overreach” founded on “twisted interpretations” of the law. Not only has this sort of indiscriminate warrantless surveillance come to define Obama’s NSA as the Snowden leaks documented, but it also has been adamantly defended by the very Democrats, Nancy Pelosi and Chuck Schumer among others, who had originally seen such programs as a serious threat to Americans’ privacy and civil liberties. In 2013, Pelosi went so far as to hold private meetings with House Democrats and Republicans to ensure that a bill curbing the NSA’s surveillance capabilities would not be passed. Other Bush-Cheney operations such as Guantanamo Bay’s detention camp have either been continued by the Obama administration, or, in the case of targeted killings and drone operations, have been radically expanded. What was once a fledgling program run out of the CIA has become the cornerstone of Obama’s military interventions in Somalia, Pakistan, Yemen, and elsewhere. For every drone operation authorized by Bush, 10 operations have been authorized by Obama. His administration has also realized new avenues along which executive power could be extended, such as using an executive order designed to sidestep Congress’s more democratic means for lawmaking, or its reliance on the Espionage Act which it has used against more whistleblowers than all previous administrations combined. 

Many now watch in horror as Trump assumes all of these powers and policies long defended as appropriate and necessary by Democratic elites, who seemingly presumed that one of their own would succeed Obama. As Slate editor Franklin Foer wrote last week, Trump is taking over “the office of the presidency at the peak of its imperial powers.”

 What makes this all the more frightening is that Trump has thus far laid out exceedingly little of his plans for the White House. During the campaign, political operatives, pundits, and citizens alike watched on as the businessman wavered between racist demagoguery and authoritarian rhetoric without putting forth substantial policy, believing this would eventually discredit Trump rather than enliven his base. What we are now left with is a faint outline—strongly girded by sexism, racism, and homophobia—of vague ambitions and untenable objectives. On the question of cybersecurity, Trump’s website states that his administration will “develop the offensive cyber capabilities we need to deter attacks by both state and non-state actors and, if necessary, to respond appropriately.” How are we to understand a term like "respond appropriately" here? How would the Trump administration determine the difference between state and non-state actors? Similar questions emerge when one examines his stance on drone operations, which he has referred to as simply “necessary” yet has failed to articulate what exactly they might be necessary for. Donald Trump is, of course, not the first politician to traffic in vagaries, but the explicit danger and murky constitutionality of the security policies he does choose to elucidate—such as “taking out” the families of suspected terrorists—demands this sort of vigilant questioning.

Moreover, since Trump’s policy is so often utterly indiscernible, one must assume that the vast majority of executive responsibility will be relegated to his entourage of Islamophobes, hardline imperialists, surveillance state specialists, and Christian radicals—tenuous members of the DC elite so unsavory and collectively despised by their colleagues that their only chance at political relevance was through Trump.

What might a kill list look like under Chris Christie? The NSA under Rudy Giuliani? Drone operations under General Mike Flynn? 

Now more than ever, it is essential to remember that it is our data that scaffolds these surveillance and security organizations and operations. It is our emails and search histories that fill the memory banks of XKEYSCORE, a NSA program designed to identify and monitor nearly every human who sits down at a computer. It is our teleand internet communications that corporations, at the behest of the government, feed PRISM, another data collection program helmed by the NSA. In the past, some may have felt overly comfortable relinquishing their rights to privacy and, in essence, fueling these surveillance systems, believing a ‘beneficent’ administration would never abuse these powers. After watching Trump’s campaign tenaciously pursue and distribute the contents of a private email server with the single goal of personal destruction, however, one must imagine far fewer feel comfortable now. Even before Trump, these systems have always been intimately tied to violence—the data-gathering operations run by the NSA and CIA generate what security operatives call signals intelligence (or SIGINTS), the information ultimately used to determine whether or not a person should be placed on one of the White House’s kill lists, lists which Trump will soon take over. 

While it may seem like a small step in warding off such pervasive, dark futures, it is essential—especially for those engaged in political activity, who have been disproportionately targeted by the American security apparatus in the past—to take time now to protect our data and preserve our privacy.

Below the College Hill Independent presents a preliminary guide to data protection.

 

 

ENCRYPTING EMAIL COMMUNICATION WITH PGP

In the late ’80s, computer scientist and anti-nuclear activist Phil Zimmermann watched as Congress began to roll out new surveillance legislation designed to collect and track digital and telephone communication in the US. In an effort to counteract these far-reaching policies and preserve the privacy of American citizens, Zimmermann released the source code for his encryption program PGP (which modestly stands for Pretty Good Privacy) in 1991. 

 Zimmermann’s program is not only capable of quickly encrypting text, but it also, to this day, remains unbroken. That is, the encryption is so robust that even if a PGP-encrypted message were to be intercepted by the most capable employees of the NSA or Great Britain’s Government Communications Headquarters, they would still have no ability to read the message itself.

 While the science behind PGP and related programs is exceedingly complex, the system itself operates on a simple lock and key principle. When one downloads a PGP encryption program (we recommend GnuPG for Windows and GPGTools for Mac, both free), they are given a unique public and private key. This public key (the lock) can only be opened with your specific private key (the key). The idea then is to send copies of this public key to all of your contacts, so when they want to send you a message, they just have to put it in an email encrypted with your public key.

Once you receive this encrypted email, you simply decrypt (unlock) the email with your private key. This process can run in both directions, with the sender always encrypting their message with the receiver’s public key, and the receiver decrypting the message with their own private key.

By following these steps and encrypting sensitive information,we can insure our own privacy as well as the privacy of all those who come in contact with the email. Furthermore, as Zimmermann points out in PGP’s first user manual, once these encryption systems become ubiquitous (particularly among those who have no intention of nefarious activity), the desire within the US security community to make such techniques illegal will, in turn, be undermined.

 

REROUTING YOUR INTERNET ACCESS THROUGH A VIRTUAL PRIVATE NETWORK

While Virtual Private Networks (VPNs) were originally designed to protect large corporations from hackers in the 1980s, they have become an invaluable tool for any citizen who fears their internet activity is being watched.

Anonymous VPNs provide their users access to the internet without exposing their IP address or any other geo-locating tag by tunneling the user’s internet traffic through a remote server. Without a VPN, such information could easily be used to determine the identity of a computer user and their location. This past month, the ACLU claimed that IP addresses and geo-locating tags were used by local law enforcement to determine who attended Black Lives Matter protests in Baltimore and Ferguson. By using anonymous VPNs these sorts of surveillance efforts are critically compromised.

Furthermore, by rerouting through a remote server, VPNs also often allow users to circumvent censorship protocols and access information otherwise blocked in their area.

 While different VPNs operate in drastically different ways, we recommend the anonymous VPN TorGuard, which runs a shared IP configuration across all of its servers. This means that every member of the network, regardless of where or who they are, appears to be working on precisely the same computer at the same location. Since TorGuard’s server holds no log of who is using it, all users are protected and completely unidentifiable to any other party, even TorGuard itself. Furthermore, all of TorGuard’s traffic is strongly encrypted, so if data were to be intercepted, there would be no way to find out what that data is.

 While PGP works like a lock and key, TorGuard’s VPN works like “I’m Spartacus!”  where everyone, by accepting the same identity, becomes unidentifiable and protected by the community against accusations of wrongdoing. 

 

END-TO-END ENCRYPTION FOR SMS

For those who own smartphones, one of the fastest ways to curb government surveillance and preserve privacy is by switching from in-house messaging applications (such as Apple’s Messages or Android’s Messenger) to third party applications that prioritize encryption and security.

For instance, Signal (which is free of charge and can run on both iOS and Android) not only provides stronger encryption than standard SMS, but the company also maintains no trace or record of its users. Therefore, if law enforcement were to ever ask Signal to turn over their users’ data (a shockingly common practice), they would be unable to comply, preserving their users’ privacy. Signal also encrypts user phone calls; in fact, the encryption protocols used are written by PGP’s own Phil Zimmermann.

While this is by no means an exhaustive list of programs, incorporating these encryption measures marks an essential step in preserving one’s privacy and security. Especially now.

 

Jonah Max B’18 [AD2FABA4]