Wednesday, November 14, 2012

Some Lessons from the Petreaus Investigation

This article explores the privacy implications of the Petreaus investigation, including how easy it is for authorities to search and review emails. The author concludes:
The upside of this: It is easy to discover the identity of anonymous emailers unless you use a program to scramble your unique ISP address (HMA! Pro VPN is one) or you browse the net through a packet-scrambling service like Tor. Even then, you're vulnerable every time you open a document or a program, because it might contain code that alerts a computer somewhere else that you'd performed an action. Obviously, every ISP address associated with a unique computer is easily obtainable through a subpoena, so emailing anything sensitive from your personal computer leaves you vulnerable. If you send the emails from a public computer or through a wi-fi service used by a hotel or business, the government can figure out your identity by cross-referencing other information they can obtain with a warrant or subpoena too.

And what about text messages?

The good news is that most carriers don't keep the content of them for very long, but they keep the transactional records for years. And unless you wipe clean your iPhone or Android about 5 times over, the FBI is probably going to be able to recover your conversations from your own internal storage. If the government gets an order to monitor your phone in real-time, your only recourse is to use a commercially available text encryption program like Wickr or SMSEnrcrypt or TextSecure. It is also difficult to prevent real-time monitoring of your location, even if you turn that feature off.

No comments:

Post a Comment

Ragnorok Part XIV -- Escalation

Things are hearing up quickly in the Russian-Ukrainian conflict. I saw a meme from the Babylon Bee a week or two ago stating that the Democr...