https://matthewdgreen.files.wordpress.com/2016/07/2274252795_918bcffc01_b.jpg

[…]Anyone who has taken a network security class knows that the first rule of Internet security is that there is no Internet security. Indeed, this assumption is baked into the design of the Internet and mostpacket-switched networks — systems where unknown third parties are responsible for handling and routing your data. There is no way to ensure that your packets will be routed as you want them, and there’s absolutely no way to ensure that they won’t be looked at.

Indeed, the implications of this were obvious as far back as ARPANET. If you connect from point A to point B, it was well known that your packets would traverse untrusted machines C, D and E in between. In the 1970s the only thing preserving the privacy of your data was a gentleman’s agreement not to peek. If that wasn’t good enough, the network engineers argued, you had to provide your own security between the endpoints themselves.[…]

The network is hostile — Cryptography Engineering

Communicating in a hostile environment — Wired

https://media.wired.co.uk/photos/606da743ad865a997660adb6/master/w_1600%2Cc_limit/sell.jpg

Edward Snowden showed us that our personal communications aren’t as private as we thought. But as Nico Sell, co-founder and CEO of California-based secure messaging app, Wickr points out, the NSA and GCHQ are just the tip of the iceberg. “There are 70 nation states that have very active spying programs,” she says. “But there are also thousands of data brokers that spend thousands of hours collecting every single piece of information they can on you — and making money off it.” Here are her tips for communicating secretly in the surveillance state.

Encrypt your messages

Email and text offer little protection against NSA snooping, but encryption apps like Wickr, Surespot and Telegram ensure that once a message leaves your phone, the only person who can read it is the person you sent it to. That includes the company itself and anyone who breaks into their servers, but for extra security check they don’t store your messages at all, even in encrypted form

Set communications to self-destruct “The internet is forever and all this data we’re creating is forever,” Nico says. “But really only about one per cent of our conversations actually need to be around that long.” Use a messaging app with a self-destruct option allowing you to set your messages to automatically delete after a certain amount of time. Six days is a reasonable default, but for particularly surveillance heavy situations or sensitive information, Sell suggests shortening this to just an hour.

Cover your inputs “Everyone should cover their inner-facing cameras with electrical tape,” Sell says, “that’s easy.” She also recommends keeping your audio input plugged with a cut-off mike. “This stops malicious apps from listening to you. Once you give them access to the mike they can turn it on the background, without you noticing.” While this won’t stop an NSA hardware bug, she points out that these apps are a much greater threat to the general population.

Avoid hardware bugs[…]

Communicating in a hostile environment — Wired

Related:

Covert Communication Networks in Hostile Environments — Hindawi