How to hide your data from Internet snoops
 |
NSA leaker Edward Snowden says encrypting e-mail makes it unreadable by the National Security Administration.
Editor's note: Doug Gross covers consumer technology and the Web for CNN.com. Follow his updates on Twitter or add him to your Circles on Google+.
(CNN) -- Let's face it: Most of us don't e-mail, tweet, text or post anything worthy of clandestine scrutiny.
But having concerns about NSA cybersnooping doesn't mean we must surrender all privacy -- what's left of it -- in our day-to-day online activities.
It's easy to forget that
we're volunteering basic information about ourselves in return for free
e-mail, social networking and other digital services. And let's remember
that third parties -- from government agencies to cybercriminals -- can
get their hands on even more personal stuff if they're actively trying.
So, whether it's due to a
vague fear of Big Brother or a more specific desire to keep your bank
information out of the hands of thieves, you might be considering ways
to keep your communication more secure.
 |
Apple discloses data request numbers
 |
Snowden: Hong Kong was easiest answer
"So much that's
geo-political, so much cybercrime, so many struggles of various types
are being played out in terms of information security today," said Wade Williamson,
a senior security analyst at Palo Alto Networks. "It's not just that
people decided to get interested in encryption all of a sudden."
CNNMoney: How to hide from the NSA
Specifically, encryption has come up a lot in recent days. For one, NSA whistleblower (some would say "traitor") Edward Snowden said Monday in an online question-and-answer session that e-mail encryption is an effective way of foiling government surveillance.
"Encryption works," he
wrote. "Properly implemented strong crypto systems are one of the few
things that you can rely on. Unfortunately, endpoint security is so
terrifically weak that NSA can frequently find ways around it."
Encryption is a method of
securing your files, including e-mail, by encoding it so that the
intended recipient can read it, but anyone who may intercept the message
along the way cannot.
An encryption tool turns
your original message (called "plaintext") into a garbled mess (or
"ciphertext") while it's flying from Point A to Point B. The system
gives the approved recipient a decryption tool which makes the text
readable once it arrives at its destination.
With all of the renewed
interest in online privacy, we talked with Williamson about ways to help
keep your data secure -- before, during and after sending it.
Before
First things first. There are ways to make your contact with every website you visit more secure.
A "secure sockets layer"
(SSL) provides a layer of security during everything from Web browsing
to text messaging. Many major websites offer the option of using a
secure connection all the time. Williamson and other security experts
suggest doing this when given the option.
If not -- sometimes it can be as easy as tweaking "http" to "https" in your browser's address bar.
"By and large, you can just throw an 'S' into the URL and go to town," Williamson said.
There are also tools like HTTPS Everywhere, a free extension for Chrome and Firefox browsers, that encrypt your connection with most major websites.
Obama: I'm no Dick Cheney
During
Most major e-mail
services, like Outlook and Gmail, offer some form of encryption. Check
your e-mail's security settings for options.
But for people who are
really worried about their e-mails being intercepted -- and that's
always just an unsecured network and an eager hacker away -- Williamson
suggests buying encryption software. (Note: His company focuses on
network security and does not sell encryption software to individuals).
With many of the
systems, customers will get digital "certificates" for themselves called
private keys. Everyone with whom they want to share encrypted messages
will receive public keys.
Using such a system, only someone with one of a user's public certificates could descramble a message's content.
After
So, your data may be
secure while it's hurtling through cyberspace. But what if somebody
breaks into your car, where you stupidly left your laptop, and makes off
with it?
That's where disk encryption comes in.
There's some free disk encryption software floating around in the open-source community, but for most folks this, too, will cost some cash.
In effect, disk
encryption scrambles everything stored to your computer, requiring a
password or other approved recovery tool to decode it. So, if your
computer falls into the wrong hands, all won't be lost.
To summarize, there are
lots of encryption and other security options out there. Some are quick,
easy and free. Others are going to cost money for specialized software,
hardware or both.
To find a level of
security you're comfortable with, start by poking around with security
settings on your browser, e-mail client and favorite websites. Then
consider whether you want professional help to get to the next level.
No comments:
Post a Comment