Whither Privacy?
An earlier version of this essay used the title "Wither Privacy," as in the term used for withering flowers, or shriveling plants.
That was a joke!
But the withering of privacy is no joke, and the lack of a sense of humor on the part of those who took me to task for using the "wrong" word is not funny either. So, if you find an older version with the other title, know that I have purposely changed it.
The media has been atwitter of late with countless stories about how "they" are snooping on our private data. For example, a recent report in the Guardian loudly proclaimed the "Death of the Internet as We Know It." They claimed that cloud services Google, Microsoft, Apple, and the rest are all in the back pocket of the NSA; therefore, they are not to be trusted. The writer further suggests that all their users will soon abandon them.
Such claims are not without justification. The news is rife with tales of hackers stealing data, of various entities, sometimes under the color of authority, raiding a political opponent's cloud storage without due process, and so forth. However, I do not see demand for cloud storage lessening any time soon.
But we need some perspective!
May I ask when ANY communications medium has ever been private? I mean, seriously, what time, what era, can we point to wherein one's communications were private? Even the earliest days of electronic communications were an open book to anyone who cared to look. Then, of course, there were, and still are, laws against such snooping, a sop to privacy, to be sure, but laws rarely prevent crime.
I might even argue that, as individuals, our private conversations and communications are today more private than they have ever been in recorded history, despite the ongoing flap. Moreover, the advancement of technology has made it much harder to engage in casual snooping, relegating such activities to entities with deep resources and deeper pockets.
In the early days of the telegraph, confidential messages transited the network openly in cleartext. At each end of the line, the telegraph operators, and those at any relay points between destinations, saw and read the messages. Many a pioneer-town marshal routinely snooped around the telegraph office to keep track of the "bad guys'" messages—or even those of anyone they wished. One of my favorite historical westerns, HBO's Deadwood, devoted several plot twists to the interception of confidential messages carried by the "Black Hills Telegraph Company." Partly fictional, to be sure, but firmly entrenched in historical reality. Schemers and businessmen alike have always obfuscated their communications with a fascinatingly complex series of codes and ciphers. An order for "ten pounds of bananas" might as easily be ordering someone's death as ordering fruit supplies for the local grocery. Whether banker or Mafioso, the communications medium has always been considered untrustworthy, for good reasons.
Eavesdropping was nothing new with telegraphy. Codes and ciphers obfuscated all manner of secret doings long before electrons played any role in communications. For example, in the court of King Henry VIII, a note to a paramour had best be delivered in person if secrecy was paramount.
The advent of the telephone changed not a thing. Just as with telegraphs, telephones had operators, and growing up in the era when the operator might be listening at any moment, one learned to be careful divulging secrets. Also in common with telegraphs, early telephone systems often were "party line" arrangements, and in these cases, not only operators but one's very neighbors could be listening at any time.
Early cordless phones transmitted our intimate conversations in the clear using analog radio. Anyone with a cheap scanner could routinely listen in on their neighbor's calls, and many did. Analog cell phones likewise carried their voice signals openly and could be routinely listened to via any TV with an analog UHF tuner. In January of 1997, a private cell phone conversation between the House Speaker and his strategists was illegally intercepted and taped by Democrat operatives, making headlines and embarrassing the politicos. That such a "private" phone conversation was so public caused barely a ripple then. Today we are whipped into high excitement because our government spooks might be looking at our "private" communications while searching out would-be terrorists and murderers. I admit that the idea of my private conversations falling prey to government scrutiny bothers me on a visceral level, but I am hardly surprised.
That J. Edgar Hoover might take an interest in our private affairs was far more remote and far less concerning than what Gertie Hornswaggle the town gossip might overhear. Those with secrets found ways to keep them. Those who failed found their assignations featured in Gertie's Galloping Gossip or even in the national papers, as happened to the unfortunate House Speaker.
Party lines have disappeared, telephones have gone digital, and we have stopped talking to operators. Gertie is intensely frustrated because the advancing technology has made her snooping a lot more complicated. Due to automation, we have lost sight of the remaining human involvement in our networking, and somehow we have lost our privacy concerns. Just because we do not interact with a live operator, or hear our neighbor's ring code, does not mean our calls are suddenly genuinely private. Harder to intercept, to be sure, but not that difficult for those with the means. We developed an expectation of privacy that was unwarranted.
When computers came along, they were big, expensive solitary machines in locked rooms. Computer security once meant locking the door! Then computer networks were invented, and security went right out of the window! The idea that any data stored on any computer connected to any network is somehow inherently secure is laughable. Pretty much anything you read, write, say or do on a computer is logged somewhere. So if you genuinely wish to keep it a secret, DON'T PUT IT ON A COMPUTER!! Especially not one connected to a network.
There is no privacy fairy. If you wish to keep secrets, you have to work hard at it, and despite your best efforts, there is always a level at which hackers, or faux officialdom, can breach your secrets. Even if you put your data on an encrypted thumb drive and store that thumb drive in a bank's safety deposit box, it is still not safe from the prying eyes of the state-sponsored busybody if they are motivated to look. Officials can open bank deposit boxes with a warrant, and most encrypted files can be decrypted with sufficient effort.
Troublemakers of all sorts have long known how to keep secrets. The current flap about privacy is more about inflaming a gullible public than about genuine privacy issues. Getting the "Low Information" citizen excited and demanding action serves a variety of ends, not the least of which may be electing someone to power based on promises to "fix" the unfixable.
Unlike the schemers of Deadwood, we have numerous tools to encrypt our data. While no encryption is 100% proof against being unlocked, it can be extraordinarily challenging to do so if we use the proper tools. As long as the difficulty exceeds the resources, or motivation, of one's adversary, it is sufficient.
A cloud folder encrypted with a 4096-bit key is relatively secure, even against the NSA. If you use appropriate tools, you can keep your secrets. Mostly. The thing is, though, the NSA is not especially interested in your data files, be they personal financial records or your porn collection! While there are exceptions, their overwhelming interest is not in your data but in whom you share that data with. Codes and ciphers might hide the actual data, but they do not hide the sender and recipient. So it is not that you have stored this encrypted folder on a cloud service, but whom you give access to it, that is interesting. That is why there is so much interest in the so-called "meta-data" about phone calls, texts, and emails. Their interest is in conspiracies, and conspiracies involve two or more individuals. As soon as that data transits an electronic medium, many secrets lie exposed, even if the encrypted information is not.
Recently we learned that the government is photographing the front and back of all our US Mail. They are not so much interested in the contents of our letters as with whom we correspond.
If you are not conspiring to overthrow the government or commit acts of violence, you probably do not care who knows your associates. If you merely wish to keep the contents of your data private, it is reasonably possible. There is no privacy fairy, but there is encryption. Encryption, when used judiciously, can protect valuable files from prying eyes. Remember, though, encrypted files stand out like a sore thumb, screaming "here I am, I have big secrets" to anyone interested—and encryption is a royal pain to use. Nevertheless, there are numerous tools available for anyone interested in encryption.
It is beyond the scope of this treatise to provide a how-to tutorial in the use of such things, but I will recommend a few tools. The grand-daddy of personal encryption tools is a little thing called PGP, which stands for "Pretty Good Privacy." Despite the understated name, the privacy is more than "pretty good." PGP implements the OpenPGP standard and is a commercial product sold by Symantec, the same people who market anti-virus software. An open-source set of tools that some consider even better is called "GnuPG," which stands for GNU Privacy Guard.
Encrypting hard drives is a need for which there is simply no better tool than TrueCrypt. TrueCrypt is also Open Source and freely available. For the casual encrypted file, the open-source archiver 7Zip offers some excellent features.
It is one thing to simply put a password on a file or an entire hard drive. You only have to not lose that password, and you can recover the data intact. Although it is not apparent in this simple case, there is another function happening deep under the covers. Encryption is more than obfuscation. Of course, it obfuscates or hides the data from prying eyes, but it does more than keep data secret. It also authenticates the data, verifying that the data is intact and unaltered—encryption vs. authentication. Authentication is just as important, if slightly less obvious. Recovering encrypted data is useless if you do not have an assurance that the information is, in fact, intact and unaltered.
If you need to share encrypted files, these two distinct requirements become separated, in a sense, and the distinction becomes more apparent. You need to be able to encrypt your data so that only the intended recipient can read it, and you also need to authenticate that you are, in fact, the author and that the data remains unaltered. This separation of functions is accomplished via a technique known as "Public Key Cryptography." Do not let the techie name intimidate you, as it is a pretty simple thing.
A complete treatment of this topic is beyond the scope of this short treatise. Nonetheless, it is a straightforward process. In Public Key Cryptography, every participant has two keys. The public key you tell to the world, and the private key you keep, well, private.
There are several ways to use these keys, but the general gist goes like this. You write a document and encrypt it with your private key. Anyone who has your public key can decrypt it and KNOW that it came from you and remains unaltered. Doing so accomplishes the authentication function and is all well and good as far as it goes, but it does not keep the message secret, since the public key used to decrypt the data is widely available. Authentication that the claimed author indeed wrote something and that no intermediary has altered it is valuable, but anyone can read the data. So you effectively have authentication without encryption.
If, on the other hand, you want ONLY one person to read it and no one else, you encrypt it with THEIR public key. Now only their private key will decrypt it. You cannot unlock it with the public key used to encrypt it. It is a one-way process! Once encrypted, it is locked until the recipient opens it. Your secret makes it to their eyes, and only their eyes. That sounds good, but how do they know it genuinely came from you? You have, effectively, encryption without authentication. After all, the whole world has the public key, and anyone could encrypt a file and claim it came from you.
The solution is a two-step process. First, encrypt the file with both the recipient's public key and your private key. It's slightly more complex than that, but that is the effective result. Then you have a file that only the intended recipient can read and only you could have sent. Anyone else can neither authenticate it nor decrypt it.
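The two-step process just described, as an added example in Go that is not part of this essay: the recipient's public key seals the message (RSA-OAEP) and the sender's private key signs it (RSA-PSS over a SHA-256 digest, which is how real tools "encrypt with the private key"). The keys, the parties alice and bob, and the message are constructed for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// SealAndSign encrypts plaintext to the recipient's PUBLIC key (RSA-OAEP) and
// signs a SHA-256 digest of it with the sender's PRIVATE key (RSA-PSS); OpenPGP
// nests the signature inside the encrypted payload, kept separate here for
// clarity. OAEP with a 2048-bit key carries at most 190 bytes, so real tools
// wrap a random session key this way and encrypt bulk data symmetrically.
func SealAndSign(sender *rsa.PrivateKey, recipient *rsa.PublicKey, plaintext []byte) (ct, sig []byte, err error) {
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, plaintext, nil)
	if err != nil {
		return nil, nil, fmt.Errorf("encrypt: %w", err)
	}
	digest := sha256.Sum256(plaintext)
	sig, err = rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, nil, fmt.Errorf("sign: %w", err)
	}
	return ct, sig, nil
}

// OpenAndVerify decrypts with the recipient's PRIVATE key, then checks the
// signature against the claimed sender's PUBLIC key. A wrong recipient, a
// different sender, or altered bytes all yield an error and no plaintext.
func OpenAndVerify(recipient *rsa.PrivateKey, sender *rsa.PublicKey, ct, sig []byte) ([]byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, recipient, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("decrypt: %w", err)
	}
	digest := sha256.Sum256(pt)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], sig, nil); err != nil {
		return nil, fmt.Errorf("verify: %w", err)
	}
	return pt, nil
}

func main() {
	alice, _ := rsa.GenerateKey(rand.Reader, 2048) // sender (demo keys, constructed here)
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)   // recipient
	ct, sig, _ := SealAndSign(alice, &bob.PublicKey, []byte("ten pounds of bananas"))
	pt, err := OpenAndVerify(bob, &alice.PublicKey, ct, sig)
	fmt.Printf("%q err=%v\n", pt, err)
}
```

Only bob's private key opens the message, and only alice's public key verifies it; a third party's keys fail on either step, as does a ciphertext altered in transit.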
If someone knows you have a secret and can bring enough force to bear, they can compel you to give it up. Supercomputers can—given enough time—break any encryption. Threats and legal action can force you to reveal the passwords. The best way to avoid this situation is not to appear to have any secrets worth telling. One way to do that is to encrypt virtually everything, including trivial things.
If forced to give up passwords, give up passwords to trivial stuff freely, and convince your adversary that you will give up everything because you have no secrets. A single encrypted file on a hard drive is like a red beacon drawing attention to itself, but a thousand or two hides the crucial one.
Consider another facet of the secrecy puzzle, "plausible deniability." Rather than feigning innocence, misdirect and allude to a lesser sin. For example, if accused of hiding untaxed crypto wallets, leak the password to your porn collection. Your adversary may chide you for the porn but miss the much more valuable information.
VeraCrypt implements this idea in its disk encryption software. A disk encrypted using this option has two partitions, one of which stays hidden. Give one password, and the porn collection appears, yet a different password yields the essential secrets. Thus, when asked why you have an encrypted disk, the porn collection is reason enough. There is a chance your adversary will look no further.
Don't get too smug, however! Hidden volumes with multiple passwords are a well-known concept in spook circles, and a computer forensic expert can easily spot such subterfuge. If you're really into something nasty, you had best find more elegant ways to hide your affairs.
I certainly do not endorse using encryption to break the law, and if presented with proper warrants and due process, I encourage anyone to cooperate fully, as I would. Provide whatever data the court names and face whatever scrutiny is appropriate.
Remember that the spies and spooks are interested not so much in what the secrets are as in whom you are telling them.
And that is another problem entirely.