by Swapnil Bhartiya

How to protect your online privacy in the Trump era

Jan 27, 2017
Encryption Linux Open Source

You may not have anything to hide, but do you really want some government agency peeking into your private digital life? I didn't think so.

Despite being a heavy user of Twitter, president Trump is not supporter of the open internet or net neutrality. In 2014, he criticized the FCC for ruling in favor of net neutrality and tweeted, “Obama’s attack on the Internet is another top down power grab. Net neutrality is the Fairness Doctrine. Will target conservative media.”

Back then, Trump was aspiring to run for the presidency. Now he is the 45th president of the United States. His appointment of net neutrality critic of Ajit Pai to head the FCC shows that his opinion about net neutrality has not changed.

Not only is President Trump supposedly opposed to net neutrality, he is also opposed to open internet. During his campaign, Trump suggested closing ‘parts’ of the internet and attacked freedom of speech. He said, “We have to go see Bill Gates and a lot of different people that really understand what’s happening. We have to talk to them about, maybe in certain areas, closing that Internet up in some way. Somebody will say, ‘Oh freedom of speech, freedom of speech.’ These are foolish people. We have a lot of foolish people.”

Also at stake: online privacy and security. Jeff Sessions, Trump’s pick for Attorney General, wants crypto backdoors, which means even if you are using encryption government agencies can monitor you.

While Sessions does admit the importance of encryption, president Trump seems to have no trust in it, not even in military-grade encryption. Recently he said, “I have a boy who’s 10 years old, he can do anything with a computer. You want something to really go without detection, write it out and have it sent by courier.”

Why? President Trump explained, “Because I’ll tell you what: No computer is safe.”

This poor understanding of how computers work, combined with the desire to close ‘parts’ of the internet and hostility towards the press, facts and free speech pose some very serious challenges for U.S. citizens.

Privacy first

I am not an investigative journalist, federal government employee or activist, but as a citizen, I do have concerns about my privacy under a Trump administration. Just because I don’t have anything to hide, doesn’t mean some government agency should be peeking into my private digital life.

I believe every ordinary citizen should have a right to privacy. So I invite you to join the ‘privacy first’ movement. The first goal is to add some layers of privacy to your online activities. The second goal is to increase the usage of the same tools that are used by activists and journalist to make it hard for the government to target them. The idea is to pile up hay on top of the needles. 

Here are a few steps you can take to protect your privacy. None of these are meant for really sensitive use-cases, but for the general populace.

Use Linux-based operating systems: Don’t trust any proprietary operating systems for sensitive work. Since you don’t have access to the source code, there is no way to know if there is a back door. I’m not asking you to give up on macOS or Windows 10; feel free to use them for whatever your job requires. But when it comes to dealing with sensitive work, don’t trust anything other than extremely secure operating systems like Kali Linux. Also, bear in mind that using Linux alone won’t protect you. Security is not a one night stand, there are way too many factors that can compromise your identity.

Avoid smartphones: Similar to desktop operating systems, no proprietary mobile operating systems are secure, including stock Android and iOS. Mobile phones are real-time tracking devices, so refrain from carrying a mobile phone if you are going to do some sensitive work. If you can afford it, there are some expensive Android-based secure smartphones that are fully encrypted and secure.

Stop using the fingerprint scanner: Using fingerprint scanning to unlock your devices is more about convenience than security. In fact, it’s the most insecure thing to do. Any one can force you to touch your phone scanner to unlock it; it can even be done if you are unconscious. Always use complicated passwords.

Use disk encryption for laptops: MacOS and Linux allow full encryption of hard drives, and you must always keep your hard drives encrypted. It does affect boot-up time and in some cases performance, but it’s worth it. Even if your laptop gets stolen, encryption will protect your files. Trust me, encryption is much safer than writing it down and sending it via courier.

Use open source cloud services: While I suggest not using the public cloud for anything sensitive, I heavily recommend using these open source and extremely secure services:

  • Nextcloud: Don’t use Dropbox, OneDrive, Google Drive, iCloud or any such proprietary services to store sensitive (or even not-too-sensitive) data. Get a server in a privacy-respecting country and set up your own Nextcloud server for file storage and syncing. I’ve written before about some of the security features of Nextcloud.
  • Kolab mail: Don’t use Gmail, Hotmail and certainly not Yahoo! Mail for any sensitive work. Instead create an account with Kolab Now, a Switzerland-based groupware service that does offer more security and privacy than stock email services.

Use the Tor browser: Please don’t log into your Gmail account when you use the Chrome browser. You are essentially creating a detailed log of your internet activities that are accessible to Google. The same is the case with many other browsers that offer a login option to sync your online history, passwords and bookmarks. I heavily recommend using the Tor browser for everything, other than watching cat videos or accessing services like Netflix.

Use Signal: Please don’t use messaging services like Google Hangouts, iMessage, FaceTime, or Skype. I also don’t recommend Facebook’s WhatsApp because, despite claims of offering end-to-end encryption, your identity can be easily compromised. I heavily recommend Signal, an extremely secure messaging service.

Disable webcam and mic: The webcam and internal microphone of your laptop can be hijacked to spy on you. Use a tape to cover your webcam and a dummy plug to disable your microphone. Researchers have found a way to hack the headphones connected to your computer and use them to spy on you, so if you are not listening to music keep your headphones unplugged.

Stay safe

These are some very basic, primary, steps that you can take to add a layer of privacy to your online life. At the same time, keep yourself educated about online privacy and continue to add more layers to it. 

If you have any tips, feel free to suggest them here