Wednesday, July 31, 2013

New NSA Leak Confirms NSA Knows All You Do Online; Here's How to Stop Them


In rather depressing news (not that it should surprise anyone, however), it does indeed appear that Edward Snowden wasn't lying when he said that just about any lowly NSA analyst can find out literally everything that pretty much anyone does online (warning to those who work in the military-industrial complex: clicking on that link [or indeed, probably reading the below] will technically turn your computer into a machine covered by Top Secret clearance protocols):
A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.
The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet.
The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight.
The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10.
"I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email".
US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do."
But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed.
If you want to check out the original training slides, you can read them here - scary stuff, though again, and unfortunately, I'm not particularly surprised.

So, it turns out once again that the government was lying to us, while Snowden was telling the truth. Surprise, surprise.

Obviously, this is terrible news. As has been repeatedly pointed out by courts and privacy advocates, the right to privacy is a fundamental right that should be enjoyed by all, and the government should have to prove probable cause and obtain a warrant in order to be able to violate the privacy rights of an individual, whether a US citizen or not.

The NSA is apparently wiping their collective asses with the right to privacy by attempting to suck up all internet data about everyone all the time.

Here's how you can protect yourself from the prying eyes of the NSA.

Disclaimer: This is not easy or cheap. I do not and am not going to bother to go through these steps to protect my own privacy from the NSA, as the inconvenience of doing so would simply be too great, considering that I am doing nothing that I can possibly imagine would make me even a remotely interesting target to the NSA (with the possible exception of writing this article, I suppose). However, since I value the right to privacy, I will vote for any politician who promises to reign in the NSA's abuses, and I will vote to reelect any politician who follows through on reigning in the NSA's abuses. Furthermore, I believe that anyone who wants to should have the right (and knowledge) of how to escape the prying eyes of the NSA, if they want to embrace the burden of undertaking this difficult task.

0. The easiest way to keep away from the NSA's prying eyes is to simply go off the grid - no internet, email, Facebook, or anything of the kind. You will only communicate through the U.S. postal system. However, since the U.S. post office photographs the outside of every piece of mail and logs it for law enforcement purposes, you'll have to invest in non-see-through envelopes, you can never write return addresses on your letters, and (preferably) you'll drop all your letters into random post office boxes around your city/town (or, even better, in nearby cities and towns you don't live in). Of course, everyone you correspond with will have to do the same, and there's no way to confirm that the person received your letter. But this, in theory, should keep the NSA out of your affairs, and in theory, the government should require a warrant to read the contents of your correspondence.

1. However, we are going to assume that you want to continue to use the Internet in some fashion or another. Nevertheless, in order to do this, you have to go somewhat off the grid. The first thing you'll have to do is close all of your banking, credit card, and other accounts (or if you HAVE to have a bank account to receive your paycheck, pay some bills that don't accept cash payments, etc., then you can keep one checking account) and put your money in cash. You are now going to be a cash-only (well, not quite, but we'll get to that in a minute) person. (Strictly speaking, this step isn't necessary to protect your Internet activities from the NSA, but you should assume that the NSA has access to every single transaction you make in any financial account you have.)

2. With your new wad of cash, go buy a new computer (either a laptop or tablet, but I'd recommend a laptop, as they're more versatile than a tablet). You are ONLY going to use this computer for Internet activities you want to keep secret from the NSA. NEVER USE THIS COMPUTER FOR ANY OTHER ACTIVITY EVER - ONLY FOR THOSE ACTIVITIES YOU WANT TO KEEP PRIVATE FROM THE NSA. And, obviously, never do anything on this computer that might be personally identifiable.

3. Take your new computer to a public place with free wi-fi - a cafe, hotel, etc. Download the Tor Browser Bundle. Disconnect from the wi-fi. Install the Tor browser bundle.

3.5 [Post-publishing addition]: The TOR Project just announced a vulnerability in older versions of the Tor Browser Bundle for Windows that apparently is currently being exploited by the NSA to identify TOR users. As best I understand, even IF you had been using a vulnerable version of the Tor Browser Bundle, you still would have been safe, IF you had followed my entire guide to the letter. However, just to be ridiculously cautious, it would be best for you to build your own Linux Live CD / USB with Tor and OpenVPN preinstalled (if you're tech savvy enough to follow the rest of this guide, you're tech savvy enough to build your own Linux Live CD - there are a bunch of tools out there that let you do it with just a few clicks) - that way, you'll be using only Linux on this computer, and nothing that you do will be saved from one use of the computer to the next.

4. Go to a DIFFERENT public place with free wi-fi. Fire up the Tor Browser Bundle (in case you didn't realize, you'll be doing ALL of your interneting through the Tor Browser Bundle). Read up on how to deal with Bitcoins - you'll be paying for all of your online activities you want to hide from the NSA with bitcoins. After you have a comprehensive understanding of bitcoins, go to https://localbitcoins.com/ and arrange to buy some bitcoins with your wad of cash. I'd buy a few hundred dollars worth - bitcoin value is still quite volatile, so you don't want to buy too many extra at once.

5. Go to a THIRD public place with free wi-fi. Fire up the Tor Browser Bundle and go to AirVPN.org - it's a Europe-based VPN service with complete emphasis on privacy. Sign up for a year's worth of VPN service with bitcoins, and read up on how to use VPN with TOR (https://airvpn.org/tor/).

6. Go to a FOURTH public place with free wi-fi. Fire up the Tor Browser Bundle with VPN over TOR. You can now do what you want online while being relatively secure that the NSA cannot associate your online activities with you personally. Keep in mind that, while doing this, you should not engage in any activity that is associated with your real name, address, email address, social security number, or anything else that might be personally identifying. You should sign up for a new anonymous email address (https://www.hushmail.com/ is a good choice) if you want to do email and only use it with VPN over TOR on this computer and never use it at any other time or on any other computer.

7. Now the truly hard part begins - anyone else you want to communicate with online has to go through all the same steps above. You can never mention each others' real names in any communications. To exchange your anonymous email addresses, you should use semi-anonymous letters as described in Step 0.

8. There are a few other tools that will help you communicate with others online (as long as they've gone through all the steps above as well) - you can use an extension called Off The Record ("OTR") to encrypt your chats. There are also ways to try to make video or voice calls securely, but honestly, the performance of your VPN over TOR internet connection will probably be too poor to allow for such things.

There are without a doubt a few downsides to keeping your Internet activities private:
  1. It is expensive.
  2. It is ridiculously inconvenient.
  3. You'll have to stop many of your current internet activities (e.g., regular emailing, Facebook, anything associated with any personal information, etc.).
  4. This system is only as secure as the weakest link in the chain, which is probably the other person you're trying to communicate with securely - they have to follow all of the above rules too.
  5. The NSA will still be keeping your data, potentially for a long time, since it will be encrypted. However, it will be doubly (and perhaps triply, if you're using encrypted email or chat) encrypted, making it very hard for the NSA to crack. And even if they do crack it, there shouldn't be any personally identifiable information for them to crack. Furthermore, you'll be hiding all important metadata from them as well.
As I said at the outset, jumping through all these hoops just isn't worth it for me to keep my internet habits out of the hands of the NSA - instead, I'll support politicians who promise to stop the NSA's blatant, unconstitutional abuses.

However, if you value your privacy so highly that you are willing to go to great lengths to protect it from everyone, including the NSA, I figured you should at least know how to do it, since I think you have a right to your privacy.

Wednesday, July 10, 2013

Arrested Development Season 4 Was Terrible; Here's How to Fix It

That's right - your big comeback season was bad, and you should feed bad.

I don't often comment on popular culture here on this blog - for one thing, there's not much popular culture that interests me, and what little pop culture I consume I don't take seriously enough to think and blog about. But, today, I'll make an exception.

Many, many people (including me) were looking forward to the return of Arrested Development - it was an excellent and funny show, cancelled during its prime. After a multi-year hiatus, Netflix picked it up to develop a 4th season as an original production - hooray!

The only problem - the 4th season is terrible: "Essentially they've taken a typical Arrested episode, blown it up, and dissected it into fifteen parts. Thus all the swiftness and brisk efficiency has been sapped, each overly long episode struggling to get through a lot of plot in order to justify its existence as a standalone entity." Oh, and let's not forget repetitive - good God, the episodes get so repetitive. Think Pulp Fiction, but done really, REALLY badly.

Ouch. But that's not the worst of it - according to some critics, it's Jar Jar Binks terrible. Now THAT is harsh.

Fortunately, there's a way to fix most of the 4th season - namely, by chopping up all of the disjointed episodes into individual scenes and editing all the scenes back together in chronological order. The result is a much better, funnier 4th season that much better showcases how the characters interact with each other, that doesn't leave you wondering why something happened for 10 episodes (seriously, in the original edit, things that happened in the first and second episode weren't explained until the last two episodes), and that is generally possible to understand.

Even more fortunately, someone has already done this for you - Reddit user morphinapg took all 15 4th season episodes, hacked them up, and rearranged the pieces into 12 chronological episodes that are FAR better than the original 15.

Undoubtedly due to copyright reasons, the only place to watch this chronological edit of season 4 is via a certain Bay of Pirates - link here. Obviously, I wouldn't suggest clicking on that link at work; otherwise, you'll have some explaining to do to your IT department. Furthermore, since the only way to get them is via public torrent, there's a small chance that you yourself might get a nasty letter from your ISP for downloading them - but if you're following my advice to protect your internet habits from the prying eyes of your ISP and (somewhat) from the NSA, you shouldn't have anything to worry about. You're protecting your online privacy as a matter of habit anyway, right?

"But, Angry Bureaucrat, aren't you advocating piracy?" Well, the law might say so, but no, I don't think so. I have a Netflix account, so I have unlimited access to watch the original (terrible) season 4 - since I'm already paying for the original, why shouldn't I have the right to watch the remix as well? US copyright law is ridiculous - if it is considered infringement for someone with a paid Netflix account to watch this remixed season 4, that's just another example of US copyright law being extremely outdated, to the point of being pointless and useless.

(I'll note that if you don't have a Netflix account, you can sign up for a 1 month free trial, and then watch the chronological edit of season 4 guilt-free, as far as I'm concerned.)

If you're so inclined, I supposed I'd recommend watching the original season 4 first, so you see it how the director intended first (and so that you can appreciate how much better the remix is from the original).

But if you're only going to watch season 4 once, watch the chronological edit - trust me, you'll thank me for the tip.