This is a long post, a general consumer-level survey, distilling what we can know from public revelations.
Snoopers: There are four kinds of snoopers.
1. Government espionage: If you are targeted as a national security threat, they will get you. Your best bet is to avoid using electronic devices at all. Travel on foot and never stay anywhere long; keep a guard dog with you and learn how hobos survive. Don’t think in terms of defense, but in terms of being impossible to catch. There is no safe country, though some are slightly better than others, depending on who is after you. Don’t hide in the middle; if you aren’t globally famous, be invisible. It’s not that they are so competent, but that their resources are overwhelming.
2. Government criminal investigations: This requires you have either sponsorship from a powerful figure or a calm and reflexive paranoia, but you can generally avoid getting caught because the general level of competence is highly limited, and so are resources. That makes it a question of you investing enough smart effort in staying ahead of them. You’d be amazed at how many folks they want to catch and do not, never mind how many folks they don’t even know about.
3. Private snooping: This refers to stalking and the like. It’s highly variable; most predators aren’t that competent and lack sufficient resources. However, criminal organizational backing can tip the scales in their favor.
4. Corporate tracking: Take it for granted. On the one hand, they don’t give a damn about you, only your money. On the other hand, if they profile you, government and criminal agencies can theoretically get hold of it. In this case, the biggest threat is that corporations typically leave the door wide open for snooping from just about anybody because, again, they don’t give a damn.
The standard level of bureaucratic paranoia is a background issue. The hive-mind is always under threat, so it’s just a matter of identifying the threat and taking action. It’s a sick and perverted mindset that turns the most innocuous things into serious problems. As time passes, the perversion gets worse. Reform simply isn’t possible. Don’t imagine plans of fixing this problem; it goes away when the whole system does. Only the rarest gifted bureaucrats can have any influence in such a system, and most of those few are psychopaths. We give thanks that bureaucracies seldom attract any real talent; their incompetence is what prevents things being worse.
Techniques: Our biggest vulnerability is simply not understanding how snooping works. This is the result of social conditioning. While there are forces out there willfully aiming to shape this conditioning, in actual practice, it works out to be a combination of mindless forces each seeking their own limited predatory advantage, paired with the eagerness of the general public to be suckered. So it’s good that you can see the deep dark conspiracies, because they are quite real; but on a practical level of action you need to treat it as entirely natural to fallen humanity.
Our conditioning and instincts lead us to ignore the threat of snooping. We think about it, but we are totally unaware of the real threat. Most people have no idea how much personal data they are spewing into the world and how it can be discerned by watching eyes. And we are not conditioned to think in terms of the virtual world at all; our conditioning makes us miss the point. We hype non-threats and ignore the real problems. This part is generally done to us on purpose; the providers out to make a buck have built a huge infrastructure of lies. Other predators take advantage of that. Meanwhile, the people most likely to help you are marginalized by the infrastructure. There is a sliding scale of awareness and the vast majority of the human race plots in bunches between blithe ignorance and missing the point. Again, the industry itself promotes this for the sake of profit.
Here at Kiln of the Soul, our concern is avoiding the wrong kind of attention. Yours truly has been under surveillance of the criminal investigation type as a result of sheer bureaucratic incompetence. To this day I am officially listed as a cult leader with criminal tendencies, but I’ve dropped off the radar for now. Most of you don’t face any real attention from the government. Our whole consideration rests on keeping up a parallel existence on multiple planes. We want to stay below the radar, so the biggest threat is getting the wrong kind of attention. We trust God to take care of things we cannot touch, but give ourselves arduously to things He places in our hands. I’m not telling you to fear snooping; I’m explaining how it works in case God tells you it matters.
As noted above, you probably cannot prevent genuine espionage as a national security target. Becoming a target of criminal investigation is almost the same as being targeted by criminals seeking profit. Corporate snooping is a threat only because it enables too many other kinds of snooping. Indeed, if we can properly respond to corporate snooping, almost everything else is a non-issue. And for this, the most practical answer is a mixture of avoiding notice plus feeding them false data. Keep yourself out of the standard data streams, but when your calling puts you into that stream, give them nothing useful.
Technology: This is both your greatest threat and strongest ally. The difference is your awareness. Giving you all of the background would be a monumental task for me to write and for you to read. I’m going to construct a model that you can probably grasp more quickly.
The biggest single threat is Win10. Both the hardware and the OS itself leave you wide open to snooping. You cannot safely use Win10; it cannot be neutered and still connected to the Net. You can minimize the snooping, but you cannot turn it off. It’s not just the mandatory telemetry, where Windows constantly ships back to Microsoft detailed data of your use patterns and habits. The hardware itself will betray you. There is a paradox at work here; the only way Microsoft can protect Windows from criminal threats is to protect Windows from you. That is, in order to meet the market demands for fewer mishaps arising from all the ways things can go wrong with your computers and network, Microsoft has to keep you from messing with how it works, as well.
The means of empowering you includes taking away their profit margin. It also means you having to learn so much about it that you won’t have time to actually use the system for anything but doing computer security. That’s inherent in the design of Windows; it’s a highly integrated, centrally controlled and interdependent complexity that no small group of people could ever understand together. Thus, even Microsoft has no effective control. The complexity of the system means that it simply cannot be secured. They have to keep doors open for their centralized control, and there is no way they can keep someone else from getting a key to any of those doors. They cannot profit from total security.
The only way to tame the software issue is to remove the profit motive. That’s what Open Source is all about. Open Source is modular and far simpler in design in the first place. On top of that, you can take control as much as you like and it’s far easier to do so. The only way to profit from Open Source is in the packaging and delivery, and shifting the responsibility for technical servicing to someone else.
The other issue is hardware. However, given that the dominant OS in the market is Windows, there is a tendency for Windows to steer the hardware market. In the old days, the hardware did simple things and required user expertise. As things got more automated, it also became more closed to the user. Today, you cannot buy hardware that you can actually control. You would have to make it yourself; that’s also increasingly possible, but not yet. Instead, what we have today is commodity hardware that most people can afford, but that the owner doesn’t actually own.
The biggest issue if firmware. That’s the software built into the hardware itself, rather like the BIOS of most computers. Except that many parts of the computer each have their own firmware: hard drives, modems and networking chips, sound and video hardware, etc. If your hardware boots via UEFI, you have already lost the battle. At this point, it’s possible for someone to get their hands on your machine and change the firmware. Standard hardware doesn’t block such modifications. Increasingly, it isn’t even necessary to touch the hardware, only catch you in certain usage that exposes your system to remote takeover. Malware can change firmware. If your machine was designed for Win10, that’s true already. So in practice, anything you bought starting around Win7 is highly vulnerable to firmware changes without you knowing it; you can’t even find out without using a very expensive testing lab.
Given that governments act just like criminal organizations in secretly compromising every commercial operation big enough to get their attention, you might not want to trust even some of those expensive labs. You cannot trust the manufacturers already. Even if you stood looking over the shoulder of everyone in the factory who touches your machine, and then walked out the door with your computer never out of your physical possession, you still have to deal with the vulnerability of all the parts that the factory shipped in. And if you simply order something online, it can be intercepted and jiggered without you ever having a clue. We already know that the NSA has done this, having the shipper drop it off at their facility and changing the hardware, then repackaging it and giving it back to the shipper. We knew that four years ago.
But in general, hardware up through Windows Vista is safe while being powerful enough to do useful things. For myself, I try to buy high-end business machines made for Vista. There are a lot of them still out there and most of them run Linux beautifully. But then there’s cellphones and TVs, along with other gadgets capable of networking. Cellphones have tracking software built in as part of how cell technology works in the first place. Some standard bundled apps already exploit this for advertising revenue, and anything you add from the download stores will just increase that exposure. Recently there was noise in the news about how TVs can set hypersonic beacons that your cellphone apps can respond to and track your habits. If you carry your phone where you can hear it ring, it can hear what you are doing. If you turn on that voice-activated stuff, it most certainly is listening and recording your habits.
We have to make compromises. I’ve already covered browsers, but here are some generalities. The problems with browsers are four: (1) cookies, (2) graphics, (3) scripting, and (4) advanced multimedia. If you use a plain-text browser (Lynx, Elinks, etc.), all you have to deal with are cookies. If you need cookies to get things done, set your browser for session cookies only. If you use a simple browser that does text and graphics (like Links2 and Dillo) but no scripting, then you have to add the concern for web-beacons: little images that contain tracking information. Clear your cache or set the browser to keep nothing in the first place. Once scripting becomes possible, you lose far more control, because scripting is the single biggest vulnerability in browsers. Even if your browser can’t do advanced multimedia, scripting makes “evercookies” possible. You then have to start adding protection extensions to your browser, and learn how to delete the cache. The evolving advanced multimedia technology typically includes new means of tracking and fingerprinting.
Folks, the advertising industry has lobbied commercial browser makers to make changes taking choices from you, the user. Indeed, the advertisers are lobbying the standards bodies to put their advantages in the protocols themselves. Meanwhile, advertisers violently resist any accountability, even selling advertising space to crooks so that malware is nearly impossible to avoid. Blocking all advertising is in your best interest simply on the grounds of computer security.
I typically clear my browser cache between websites. If I chase links from one site to another, I clear the cache after visiting each link. The effect is that commercial trackers get nothing useful, even if they fingerprint my browser. As it is, I use multiple browsers at the same time, sometimes copying a link from one to another based on what I know about the link and why I’m chasing it. The vast majority of my surfing is with Links2, which does some images and no scripting. I clear the cache between sites. I have evidence that my habits have thoroughly confused the advertisers as to who I am, where I live and my income level. That’s not proof, but an indicator of how you can avoid the wrong kind of attention.
Addenda: Part of the surveillance (US Marshals) I experienced included having my systems hacked and fired from a church job. The hacking stopped when I switched from Windows to Linux and FreeBSD. Their comments to others indicated a prejudice against my Christian beliefs, so it qualifies as religious persecution. I’ve also been literally struck by lightening twice. Such things change your perspective.