I am surprised that the EFF is recommending two factor auth instead of avoiding Google, Facebook etc. at all. Also no mention not to use certain proprietary OS.
There is a motto with helmets in many sports I have participated in:
The best helmet, is the helmet you will wear
The rms approach, while effective, is untenable for most people. Sometimes more moderate livable recommendations will wind up doing more good, because people will wear them.
Exactly! While 2-factor is a good defense against data/identity theft from criminals or malicious hackers, I don't think it'll be of much help against governments.
In fact I'd argue that 2-factor authentication actually helps governments and private Internet companies because we willingly associate our mobile phones to our Internet accounts.
I guess this list is aimed at everybody: it can be implemented without breaking too many habits, and with minimal knowledge.
Having everyone use SSL is better than nothing (and provides some amount of herd immunity to those that need to hide their communication).
Two factor auth protects against a number of threat classes, such as the "local criminal" they mention. People might not care about the NSA, but there are plenty of other reasons to care about security.
Right before the list they state that these only provide incremential improvements.
The last step might lead people to prism-break at some point (eg. during crypto parties).
> I guess this list is aimed at everybody: it can be implemented without breaking too many habits, and with minimal knowledge.
That's kind of the problem here. The whole situation is in such an advanced stage and so pervasive and based on such "advanced" technology that we simply can not get out of it by keeping our silly little habits that we're so used to. (And yes, it includes shunning the NSA partner companies' products: Google, Microsoft, Skype, Apple, Facebook, Yahoo, Paltalk, etc.)
This situation requires drastic measures, on the individual/personal level as much as on the societal level.
I guess I'll take EFF's marketing approach over yours:
My impression is that the article is for people who would be overwhelmed with prism-break (and couldn't do _anything_ with that list of tools - prism-break.org isn't very actionable without prior knowledge).
If someone without ITsec experience comes up and asks what to do about that nasty NSA stuff they've read in the news, and you tell them to drop their operating system ("Google, Microsoft, Apple" includes Windows, OSX, iOS, Android, Windows Phone), the applications that run on top of them, and their Internet based communication (Skype and Facebook), they'll probably ask you where they could buy a box of index cards and post stamps, and how to build a hut in the forest. And then turn around and change nothing.
That list provides a way to reduce the attack surface - not particularily against the NSA (because of the backdoors), but certainly against the Firesheep instance running on the neighbor's laptop in the cafe.
It also raises awareness without overwhelming newcomers.
Let them lock down their in-flight communication. You can still tell them about endpoint security later (and why US based corporate silos are a problem in that regard), so they can "level up".
If that list isn't radical for you, you're probably not the target audience.
For now, please note that it doesn't end with "you're done. Congratulations, you're now secure!", but with crypto parties and other ways to raise awareness - those are great places to consider and implement more radical steps towards security. At least if people are around who can lend a hand.
They're also not recommending air-gapping or converting your home into a Faraday cage. Sarcasm aside, "switching operating systems" and "switching email providers" are not exactly "steps you can take right now" (for values of "you" that include the average computer user). Maybe they're being realistic and trying to give people some low-hanging fruit that they can do to significantly increase their security that require minimal intrusiveness into their daily life and minimal technical knowledge.
I kind of agree with you here. Especially if it's tied to your identification personally. If you have an X@gmail.com or Y@yahoo.com then you're essentially at their mercy. But if you just buy a domain for 10 bucks a year, you can go to your registrar's page and forward mails from catchalls @FNLN.com to your secret X@gmail.com. If you don't like them, download it to outlook and move on to Y@yahoo.com and change the setting at your host record page. That is literally it. Your cost here to switch is the time it takes to download messages to your computer and close the account, sign up for a new account and redirect your alias to the new account. I would ideally automate step 1 as soon as I have opened an account.
You are not 'locked-in' to one provider as your custom domain name becomes an abstraction between your identity to the real world and your storage space/identity to servers. You can change the latter without changing the former. Of course, if you were early enough you could've snagged a Google Apps account, or if you're just entering the scene, you can get a Live Domains account. The only down side is that they don't have catch-alls, so you can have an on the fly email address like hn@FNLN.com for signing up at different websites.
"I am surprised that the EFF is recommending two factor auth instead of avoiding Google..."
Yes, I was surprised by this too. Giving away your mobile phone number is not something I'd consider doing lightly. What's more, Google have a poor record on privacy matters.
If you provide your phone number to Google, who has access to this info at the company? Is your phone number encrypted so that no-one sees it at Google? i.e is it only accessed by automated computer systems? Do they have strict procedures in place that allow access to authorised staff under particular circumstances only? Do they tie your number to other tracking info? (Of course, Google would never reveal this, but it wouldn't surprise me if they did).
I think these are perfectly legitimate questions to ask when a company stores your personal information. And particularly for a company that has greater oversight of online activity than anyone else. We don't know the answers to any of these questions, because Google's vaguely-worded privacy statements tell you nothing. (The help text when signing up to a Gmail account simply states "your phone helps with keeping your account secure...")
You might feel you can trust Google on matters of security, but can you trust them on matters of privacy?
> Giving away your mobile phone number is not something I'd consider doing lightly.
Why? Unless you're a world famous celebrity no one is going to call you. I put my Google Voice number all over the place and the only issue I have is with recruiters.
The use of 2FA is clearly irrelevant to the issue of NSA internet surveillance. If the traffic is encrypted (and they can't decrypt it), then the authentication mechanism is irrelevant. If the data is stored in the US, they have access to it via Lawful Intercept capabilities, and therefore the authentication mechanism is irrelevant.
Of course, one should use 2FA whenever available, but it has nothing to do with avoiding surveillance. Indeed, it creates a stronger link between an account and an identity, i.e. anonymous twitter account + 2FA w/ mobile phone number == not anonymous.
Two-factor authentication requires me to give my phone number to the companies whose products I use. That way, my Facebook profile can get associated with the GPS location that my mobile phone may transmit. This does not seem like a good measure for privacy.
Sigh. If you bothered to read the article, then you'd know that it doesn't say anything about donating to the EFF. There isn't even a link in the article to donate.
All last point asks is people to support Stop Watching Us rally and other campaigns against bulk spying, run a Tor node, or hold a cryptoparty.
Your comments on surveillance tactics/hunger/climate change is just bringing up irrelevant arguments, so I won't address them.
P.S. Sorry to go on a rant, but I miss the days when people actually RTFA. (aka never gonna happen).
"After suspected abuses of the USA PATRIOT Act were brought to light in June 2013 with articles about collection of American call records by the NSA and the PRISM program (see 2013 mass surveillance disclosures), Representative Jim Sensenbrenner, Republican of Wisconsin, who introduced the Patriot Act in 2001, said that the National Security Agency overstepped its bounds. He released a statement saying “While I believe the Patriot Act appropriately balanced national security concerns and civil rights, I have always worried about potential abuses.” He added: “Seizing phone records of millions of innocent people is excessive and un-American.”"[1]
I find it significant they still recommend using Tor even after a seeming exposé a couple weeks back. [1] Is it the fact that some measure of security is better than none or it makes surveillance incrementally harder?
Tor is still the best solution for online anonymity, even with the shortcomings it has. (low-latency for one). The exploits were related to the Tor Browser, not the Tor daemon/network.
Is it possible for the NSA to do timing analysis if they control all internet backbones? They've installed that special room at AT&T to gather traffic. If they do that at enough ISPs would it be possible to reveal all Tor hidden services operating from within the US?
Tor is the lazy man's attempt at anonymity. I wouldn't trust it since it receives the majority of its funding from the US Government, and that government is the reason many are looking for anonymity.
For better anonymity, ditch your cell (tracking device) and use open wifi networks, with a fresh MAC address each time (you can't necessarily trust routers at $Coffee_Shop to not identify who you are).
If you think the government is one coherent entity with all of them wanting to become Big Brother, you are wrong. The fact that Tor gets its funding from the US government is irrelevant. The source code is out there for you to see and inspect and has been done so by many researchers from universities around the world.
The more people TOR use, the more secure it becomes. All attacks base on analyzing incoming and outgoing traffic or monitoring nodes which use outdated tor version. And why should be using "open wifi networks" more secure or anonymous? You don't know whos running them and who you can trust. With TOR you could still go over open wifi while having not (or much less) to worry about who may be sniffing on that wifi access point.
From a game theory perspective, if an adversary has an effective tool, defeating that tool and creating enough doubt that the adversary no longer uses the tool are equivalent.
The major vulnerabilities sound like details of implementation alone. Then there is a difference between the more easily lost privacy and the less easily lost anonymity.
Finally, people who are actual experts seem to think it remains a tool for anonymity, and explain why in a credible way.
Yes, the NSA attacks Tor, but the same documents also show they've had very little success, other than the occasional bugs in the Tor browser, and with people not updating those browsers.
But other than that, Tor is by far the best thing for your privacy right now.
On the other hand , tor is considered not secure against someone who can wiretap all or most global data(global passive attacker) , and cooperation between NSA and five eyes countries seem to fit the definition.
And tor has some weaknesses to active attackers, meaning people who control behavior of many routers, to some extent.I believe there were documents showing the NSA has this capability.
But it would be truly helpful to NSA to create the illusion that TOR is cracked. Maybe that's the point of the documents you're talking about.
I think this list provides some better overview of alternatives: https://prism-break.org/