May 07, 2008

A Moment of Panic

I pride myself on being prepared for just about anything when it comes to my laptop PC.  I've successfully recovered my data after dropping it on a concrete floor, shorting out the keyboard, and corrupting the hard drive.

But this morning, I came close to panic.  OK, it was panic, although only for a moment.

Yesterday evening, I installed the newest version of PGP Desktop, the flagship personal encryption product from PGP (http://www.pgp.com).  (The PGP line of encryption products originated in the work of legendary programmer Phil Zimmermann, who almost went to jail in the mid-1990s for creating an encryption product the U.S. government couldn't break.)

Everything went smoothly.  After installing the program, I began what PGP calls "Whole Disk Encryption."  That means that the laptop will start up only after you enter the correct PGP "passphrase" into a dialog box. 

No problem there.  I created a passphrase that was easy for me to remember, and hopefully, hard for anyone else to guess.  Then I did something you're not supposed to do—I wrote down the passphrase on a piece of paper in case I forgot it.  My intention was to shred that piece of paper this morning, after making certain that I had memorized the passphrase.

This morning, after a mug of the overly-strong coffee I'm so fond of, I sat down at the laptop and turned it on.  As I expected, the PGP dialog box appeared and asked me for the passphrase.  I entered it, but the program told me I had entered in an incorrect passphrase.

That's when the moment of panic set in.  I typed every conceivable variation of the passphrase I could think of, at least 30 in all.  None of them unlocked my laptop. 

I knew from reading the PGP user guide that if I couldn’t recall the exact passphrase, the only choice I would have would be to reformat my entire hard drive.  S**t!!!!

And remember that piece of paper?  Apparently, the passphrase I wrote on it wasn't the one I actually used to encrypt the hard disk.  Double s**t! 

What to do?  The only alternative was to keep trying different passphrases until one opened up the disk.  Then I remembered that I had considered—and I thought rejected—a slightly shorter passphrase than the one I actually used to encrypt the hard drive.  Could I have mistakenly used that one?

I entered that combination of letters, numbers, and symbols on the keyboard and briefly held my breath.  The hard drive opened up normally, and I was back in business.

The moral of this story, of course, is do as I say, not as I do, to wit: DON'T FORGET YOUR PASSPHRASE!! 
And of course, don't panic, unless there's a very good reason. 

Copyright © by Mark Nestmann

April 28, 2008

Anti-Terrorism Law Used to Investigate Dog Poop

As wacky as some of the anti-terrorist initiatives that I've written about in the good ol' USA are, they don't hold a candle to those advanced in the United Kingdom.

Case in point: the U.K.'s Regulation of Investigatory Powers Act (RIPA).  When the U.K. Parliament enacted this law in 2000, proponents claimed it was urgently required to deal with "new technologies" allegedly used by terrorists, pedophiles, and the like.   

Among other provisions, this law:

  • Allows the U.K. government to issue a secret demand for your e-mail and browsing records from your Internet Service Providers
  • Facilitates mass surveillance of cellular phone calls
  • Forces telecom companies to install equipment to facilitate mass surveillance
  • Requires targeted individuals to hand over their encryption keys and passphrases

However, one of the lesser-known effects of the RIPA is to enable local "Councils"—the U.K. equivalent of city governments in the United States—to conduct their own investigations using these same provisions.  The only limitation is that councils may not wiretap phones—this power is reserved for police and intelligence services.  Indeed, according to figures recently released by the U.K. Office of the Surveillance Commissioner, local councils initiate approximately 1,000 covert surveillance investigations each month.

Naturally, this authority is being used only to investigate extremely serious crimes.  Some of the "terrorist-related" offenses currently under investigation include:

  • Pet owners failing to pick up dog poop allegedly left by their dogs
  • The use of tobacco products by children under the age of 18
  • Council residents failing to properly segregate their trash for recycling
  • Parents lying on a child's application form for admission to an elite school
  • Illegal dumping

This result should surprise no one.  "Surveillance creep" is a phenomenon I've long observed in laws originally enacted to fight serious crime.  Since such laws generally reduce the burden to obtain evidence, obtain a criminal conviction, or seize property, authorities naturally use the new law instead of older, more burdensome legislation. 

Nor is surveillance creep limited to the United Kingdom.  The USA PATRIOT Act, supposedly enacted to fight terrorism, is now routinely used in other types of criminal investigation.  U.S. civil forfeiture laws, enacted in the 1970s to crack down on drug kingpins, are now routinely used to confiscate cash from unwitting motorists and others.  No criminal conviction is necessary.

The only way to stop surveillance creep is to stop enacting laws that give governments carte blanche to take shortcuts in order to solve increasingly petty crimes.  In the meantime, if you live in the United Kingdom (or anywhere else), beware of sending e-mail.  A local council investigator may just be reading it, looking for evidence that you failed to clean up after your dog.

Copyright © 2008 by Mark Nestmann

April 16, 2008

Government Stings: Don't Get Stung

Could you be arrested for stomping your foot in a restroom?  Prosecuted for accepting "hot money?"  Or imprisoned for clicking your mouse on a hyperlink that pops up in your Internet browser?

If you live in the United States, the answer is yes.  Welcome to the world of government stings. 

Former Sen. Larry Craig (R-Idaho) is only one of the most familiar victims of a government sting.  Last year, Craig visited a men's room at the Minneapolis-St. Paul airport.  There, according to the report of an undercover male police officer, he stomped his foot, rubbed his fingers together, and made other gestures that supposedly indicated he wanted to have sex with the officer. 

That was sufficient evidence for the officer to arrest Craig for disorderly conduct and "peeping."  Not long afterward, Craig resigned from the Senate.

How else might you become lured into an undercover sting operation?  Lots of ways.  Take money laundering, for instance. 

Let's say you work in a bank.  One day, an undercover officer approaches you and says he needs to take care of some "hot money."  The implication is that the funds were generated illegally.  If you accept the money--or even permit the officer to put it in a safety deposit box--you could be convicted of money laundering.

You don't need to know where the money came from.  All you need to know is that it came from, or was represented by an undercover investigator to come from, some form of illegal activity.   That makes undercover laundering sting operations a lucrative source of criminal convictions. 

What's more, all property "involved in" a laundering offense is subject to civil or criminal forfeiture.  Since the bulk of forfeited monies generally remain with whatever agency seized them, the incentives for abusive stings are immense.

A textbook example was the 1999 conviction of Esperanza de Saad, a South Florida banker who was the target of a money-laundering sting.  In setting aside her conviction, a judge ruled that an undercover informant who testified against de Saad never represented that the funds he was seeking to "launder" were the proceeds of illegal activity.

Increasingly, government stings occur in cyberspace.  Click on the wrong hyperlink, and you could go to jail.

Undercover FBI agents now routinely post links in online discussion forums, social networking Websites, and elsewhere purporting to depict minors having sex.  If you click on the link, and the FBI can trace your Internet connection, you can expect arrest, prosecution, and imprisonment for attempted possession of child pornography.

That's what happened to Roderick Vosburgh, a doctoral student at Temple University.  Vosburgh allegedly clicked on an FBI hyperlink that pointed to child porn videos.  Vosburgh, who has no prior criminal record, now faces a 10-year prison sentence.  Upon his release, he must register as a sex offender.

Some may defend government stings aimed against persons who might be predisposed to download child pornography as necessary to protect children from sexual predators.  But here's the scary part: using the same logic and legal reasoning, the FBI could send billions of unsolicited spam emails advertising illegal drugs, weapons of mass destruction, or anything else that's illegal.  Respond to the e-mail message in any way, and you just might be in for an extended visit at Club Fed.

How can you protect yourself?  Don't stomp your foot in a men's public restroom.  Don't accept or otherwise deal with money that has a dubious origin.  And be very, very careful of where you surf on the Internet. 

For hundreds more suggestions on how to protect your privacy and property, click here.

Copyright © 2008 by Mark Nestmann

March 19, 2008

Want E-Mail Privacy? Use a non-U.S. E-Mail Service Provider

Like so many other things, especially investing, your e-mail communications are more private if you conduct them offshore.  That's because U.S. law enforcement and intelligence agencies essentially have "carte blanche" access to U.S. e-mail providers.  In certain cases, so do ordinary civil litigants.

Several factors, both legal and technological, facilitate surveillance of U.S.-based e-mail accounts. Since 1986, the government has been able to obtain basic subscriber information for telephone, e-mail, Web browsing, or other electronic services, including name, address, and toll records, simply by issuing a subpoena.

The USA PATRIOT Act significantly expands this authority.  Police can now obtain "records of session times and durations," as well as records of "any temporarily assigned network address."  This data makes it faster and easier to identify you and trace your Internet communications. 

Another glaring exception applies to e-mail or voice messages stored on an Internet service provider's or telephone company's computers.  To read your stored e-mails on Yahoo, G-Mail, etc., or listen to your stored voice messages, police need only demonstrate that the information sought is relevant to an investigation.  They don't have to establish that there's probable cause of any crime. 

This exception may also apply in civil cases.  In 2007, a U.S. district court ruled that in a copyright dispute, the party alleging infringement may conduct ongoing surveillance of another party's stored e-mail messages. 

But in the War on Terror, even these rudimentary legal protections have folded.  At least one major ISP has installed a direct conduit from its servers to the largest U.S. intelligence agency—the National Security Agency.  This means the government can read your e-mails and monitor your Web browsing habits in real time, without any legal authorization whatsoever. 

Perhaps you think you have "nothing to hide."  If so, you have the choice of doing nothing.  But if you'd prefer to keep your e-mail records private, your best bet is to use a non-U.S. provider that's not subject to the USA PATRIOT Act.

One that I've long recommended is Hushmail (http://www.hushmail.com).  This service isn't perfect—it has on numerous occasions released information to U.S. investigators—but since it's based in Canada, it's not subject to the USA PATRIOT Act. 

If the U.S. government—or anyone else—wants your e-mail records, it must obtain a court order to obtain them.  Then it must try to enforce that court order in Canada.  This is possible under the U.S.-Canada Mutual Legal Assistance Treaty, but approval is not automatic.  What's more, there is judicial oversight each step of the way.  "Fishing expeditions" into your e-mail records simply aren't permitted.

Click here to learn 118 ways to protect your privacy—both off and on the Internet.

Copyright © 2008 by Mark Nestmann

March 07, 2008

It's Open Season for the Government to Snoop on Your Postal Correspondence

Historically, postal mail—especially letters sent "first class"—has enjoyed greater legal protection under U.S. law than other types of correspondence.  But, thanks to the "War on Terror," that protection has greatly eroded in recent years.

A record of your written communications provides a highly revealing portrait.  Many biographies have been written based on the subject's correspondence.  What you write, and whom you correspond with, can be equally revealing.

A postal mail cover provides police and investigative agencies a record of all data appearing on the outside of any correspondence you receive or send.  This includes the addressee, sender, return address, place and date of postmark. 

Since the Postal Service doesn't open your mail in a mail cover, it doesn't consider this practice a "search."  That means no warrant is required.  As a result, there's no judicial supervision of mail covers.  All that's required is the administrative approval of the Postal Inspection Service.

At the same time, though, the Postal Service is reluctant to say much about mail covers.  You're not supposed to know.  Indeed, when journalists requested data in 2006 on mail-cover trends and statistics, the Postal Service rejected their request, citing "the interest of national defense or foreign policy." 

However, the Postal Service, in response to a request under the Freedom of Information Act, recently released limited data on mail covers.  And the information is alarming.  Each year, the Postal Inspection Service approves more than 10,000 mail covers.  Nor is it applying a particularly rigorous standard of review.  From 2004 to 2006, it approved more than 99.5% of mail cover applications.

It gets worse.  The U.S. Supreme Court has ruled that authorities can't open first-class mail unless a judge issues a search warrant.  But, again, an increasing number of exceptions apply.  For instance, officials can open first-class mail if they suspect that it contains drugs or other contraband.  Since 2002, the Customs Service has been empowered to conduct warrantless searches of first-class mail sent across a U.S. border.

Worst of all, in 2006, President Bush quietly asserted a new government prerogative to open domestic mail without a warrant, probable cause, or even suspicion that it contains dangerous materials or contraband.  The only requirement is that the mail opening be related to "foreign intelligence collection."

Despite these drawbacks, first-class mail remains the best way to protect the privacy of your physical (as opposed to electronic) correspondence.  This is particularly true in comparison with private courier services.  All private courier services reserve the right to inspect the contents of packages and routinely cooperate with law enforcement in this regard.  In addition, the courts have consistently said that private messengers may open packages prior to delivery.

Learn hundreds more ways to protect your privacy and wealth—click here for more information.

Copyright © 2008 by Mark Nestmann

March 03, 2008

Practice these "Good Housekeeping" Habits to Protect Your Encrypted Data

In my most recent blog entry, I described a fundamental vulnerability in several popular disk encryption technologies. 

This vulnerability, which researchers have dubbed the "Cold Boot Attack," can leave your encrypted data vulnerable to attack and exposure.  Any information remaining in your PC's memory—including your encryption keys and passphrases—may be recovered.

Fortunately, you can take several precautions to avoid having your data compromised.  They're suggested by PGP, the company that produces PGP Whole Disk Encryption, my top-rated encryption product:

  • When possible, place computers in hibernation instead of sleep mode.  Hibernation mode (at least in the case of PGP) removes encryption keys from computer memory.
  • Shut your PC down a few minutes before you leave your office or present it for physical inspection (e.g., at a U.S. border crossing).  This gives the memory chips in your PC time to cool off and the contents of the memory to dissipate, lessening your susceptibility to this type of attack.
  • If you use PGP Whole Disk Encryption, use PGP Virtual Disk (a part of the program) to prevent this attack.  Keep your confidential files in a virtual disk.  When you unmount your virtual disk, your data is secure from the Cold Boot Attack.  Configure PGP Desktop to unmount virtual disks if the computer goes into sleep mode.
  • Finally, never "cache" your encryption keys.  PGP and other popular encryption programs permit you to store your encryption keys in your PC's memory so that you don't have to type the passphrase each time you open an encrypted file. 

I should emphasize that this is a hardware issue—it has nothing to do with the strength or weakness of encryption programs.  But by practicing these encryption "good housekeeping" habits, you can ensure your encrypted data remains secure.

Copyright © 2008 by Mark Nestmann

February 28, 2008

Think Encryption Can Protect Your PC's Secrets? Think Again…

One of the best ways to protect the data on your home or office PC, and—especially—your laptop is to encrypt it.

Encryption is a mathematical process that converts your e-mail messages, your disk files, or even your entire hard drive into unreadable gibberish.  Only you—and the intended recipients of your encrypted messages—can decipher the gibberish.

Encryption programs are now available whose messages even the super-computers used by national intelligence agencies cannot decipher, at least not without an exhaustive effort.

Unfortunately, recent discoveries by computer security researchers have uncovered a fundamental vulnerability in several popular disk encryption technologies.  This vulnerability can leave your encrypted data vulnerable to attack and exposure.  Basically, what it involves is harvesting your encryption keys from your PC's memory chips, even if your system is turned off.

In a paper published last week, security researchers affiliated with Princeton University announced they had discovered a way to do this, thus circumventing various disk encryption products.  The researchers say their technique works against Apple's FileVault, the BitLocker Drive Encryption feature included in some versions of Windows Vista, the open-source product TrueCrypt, and the dm-crypt subsystem built into newer versions of Linux.  In theory, the attack would also work against my #1 recommended encryption program—PGP Whole Disk Encryption.

To succeed in what the researchers call the “Cold Boot Attack,” an attacker must have physical access to your PC or laptop while it is running or within a few minutes of shutting down.  The Princeton researchers discovered that it takes a few minutes after you shut off your PC before the data in your PC's RAM chips is actually gone.  During this period, any information remaining in RAM—including your encryption keys and passphrases—may be recovered.

Once upon a time, computer hardware manufacturers assured us that once you turned your PC off, all the data in its memory (RAM) instantly disappeared.  Only, it turns out this isn't true. 

Here's an example of how your data might be compromised.  You're on a flight from London to New York.  Just before landing, you turn off your laptop, taking care to ensure that all your confidential data is encrypted.  You're extra careful, since you know that U.S. customs officials now have the authority to confiscate laptops without probable cause of any wrongdoing.  Once they've done so, they can copy the contents, and use that information for whatever purpose they see fit.

You enter the customs queue and you're pulled aside for a secondary inspection.  The customs agent asks to see your laptop.  He inserts a USB drive into it and turns on the power.  Software on the USB drive identifies the encryption keys and reconstructs them, along with your passphrase.  Now the agent can read every encrypted file on your laptop. 

I should emphasize that this is a hardware issue—it has nothing to do with the strength or weakness of encryption programs.  But it means that an attacker could compromise all encrypted data on your PC, even if it's turned off!

Fortunately, there are several precautions you can take to avoid having your data compromised in this manner.  I'll describe them in my next blog entry.
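The practical form of the advice in the March 3 entry above (unmount virtual disks on sleep, never cache keys) is that the software must overwrite key material in RAM the moment it is no longer needed, so that memory remanence after power-off yields only zeros.  The following is an added illustration, not PGP's code or anything from the page; the `vdisk` structure and its functions are hypothetical.

```c
/* Added example: scrubbing a volume key from RAM on unmount/suspend so a
 * memory-remanence (cold boot) recovery finds only zeros.
 * The vdisk type and functions are hypothetical, not PGP's. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define KEY_LEN 32

/* A mounted encrypted volume. The key lives in RAM only while mounted. */
struct vdisk {
    int mounted;
    uint8_t key[KEY_LEN];
};

/* Zero a buffer in a way the compiler cannot drop as a "dead store".
 * A plain memset() on memory that is never read again may be optimized
 * away; writing through a volatile pointer forces the stores to happen. */
static void secure_zero(void *p, size_t n)
{
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--)
        *vp++ = 0;
}

/* Check that a region is all zeros without early exit (used to verify
 * that unmount really removed the key). Returns 1 if zeroed. */
int key_is_zeroed(const uint8_t *buf, size_t n)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Load the volume key into RAM. In a real product the key would be
 * derived from the passphrase; here the caller supplies it. */
void vdisk_mount(struct vdisk *d, const uint8_t key[KEY_LEN])
{
    memcpy(d->key, key, KEY_LEN);
    d->mounted = 1;
}

/* Unmount: overwrite the key as soon as it is no longer needed.
 * Returns 1 if the key region verifies as zero afterwards. */
int vdisk_unmount(struct vdisk *d)
{
    d->mounted = 0;
    secure_zero(d->key, KEY_LEN);
    return key_is_zeroed(d->key, KEY_LEN);
}

/* Sleep/hibernate hook: treat suspend exactly like an unmount, which is
 * the "unmount virtual disks on sleep" setting described in the text. */
int vdisk_on_suspend(struct vdisk *d)
{
    return d->mounted ? vdisk_unmount(d) : 1;
}

/* Walk through mount -> suspend -> verify and count the checks that pass
 * (3 means every step behaved as intended). */
int run_scenario(void)
{
    uint8_t sample_key[KEY_LEN];   /* constructed sample, not a real key */
    struct vdisk d = {0};
    int passed = 0;

    for (int i = 0; i < KEY_LEN; i++)
        sample_key[i] = (uint8_t)(0xA5 ^ i);

    vdisk_mount(&d, sample_key);
    passed += !key_is_zeroed(d.key, KEY_LEN);   /* key present while mounted */
    passed += vdisk_on_suspend(&d);             /* suspend scrubs the key   */
    passed += (d.mounted == 0) && key_is_zeroed(d.key, KEY_LEN);

    secure_zero(sample_key, KEY_LEN);           /* the caller's copy too    */
    return passed;
}

int main(void)
{
    printf("checks passed: %d of 3\n", run_scenario());
    return 0;
}
```

Hibernation that writes RAM to disk without first scrubbing keys would defeat this, which is why the text's advice depends on the product doing the scrub.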

Copyright © 2008 by Mark Nestmann

February 27, 2008

Oh Where, Oh Where Has My Laptop Gone?

Your laptop PC may be the most dangerous item you own.

Laptops are a magnet for thieves, because they can easily be sold to pawnbrokers or others.  But it's the data on your laptop that can be truly devastating in the wrong hands.

In 2006, thieves broke into the home of a contractor for the Veterans' Administration, and stole a laptop containing identifying data on 26.5 million veterans.  The information included name, address, and Social Security numbers—more than sufficient data to carry out a massive identity theft. 

If your company has a new invention, a patent application in process, or other potentially profitable developments underway, it's perfectly understandable that your competitors might be interested in knowing about it.  And what better way to learn more than to peek at the files on your laptop?

Laptop thefts are also increasingly common.  In 2004 (the latest statistics I could find), more than 600,000 laptops were stolen worldwide. 

What's more, when you take your laptop across a U.S. border, customs officials have the right to copy all of the data on it and use it for whatever purpose they wish.  There's no warrant, no probable cause, no arrest—just "gimme." 

How can you protect yourself?  I recommend the following strategies:

* Keep confidential information on an encrypted USB stick—not on the laptop itself. When you've finished using your laptop, turn it off, then put the USB stick in a safe place—your pocket, your key ring, or even on a chain around your neck.  That way, if someone steals your laptop, your data will still be with you.  A good program that supports USB encryption is Pretty Good Privacy Whole Disk Encryption (http://www.pgp.com). 

* Encrypt your laptop's hard drive.  The PGP Whole Disk Encryption suite, along with several other programs, can encrypt your entire hard drive.  If someone manages to steal your laptop, the thief won't be able to even boot up the hard disk.  Your data—along with information on your Web browsing habits and other data stored in various locations on your hard drive—is completely secure.

Encryption, though, isn't foolproof.  Last week, researchers found a major security flaw in several popular disk encryption systems that can leave encrypted data vulnerable to exposure.  Laptops are particularly vulnerable. 

More in my next blog entry…

Click here to learn hundreds more ways to protect your privacy and wealth.

Copyright © 2008 by Mark Nestmann

February 18, 2008

Backbone, at Last

It's about time.  The U.S. Congress finally mustered the political courage to slow down the War on Terror's stampede on civil liberties.

By failing to re-authorize the so-called "Protect America Act," Congress reinstated a deeply flawed legal framework for warrantless surveillance.  Nonetheless, that framework is preferable to that developed by the Bush administration under this act, which expired on Feb. 16, 2008.

In the Protect America Act, enacted Aug. 6, 2007, Congress authorized the Bush administration to continue two electronic surveillance initiatives it authorized under a 2001 executive order:

  • Warrantless wiretaps of conversations originating in, or terminating in, the United States, of individuals allegedly connected to terrorist groups; and
  • With the cooperation of U.S. telecommunications companies, warrantless mining of data streams to analyze transactional records of telephone and Internet traffic in search of patterns that might point to terrorist suspects.

Despite the "terrorist" appellation, these initiatives weren't limited to terrorist-related intelligence gathering.  Any activity, terrorist-related or not, was fair game if deemed of interest to intelligence officials.  Vice-President Dick Cheney, for instance, apparently used Bush's 2001 executive order to eavesdrop on members of his staff he suspected of talking to the press without advance authorization.

The Protect America Act bypassed a legal procedure set up 30 years ago to review applications for national security and intelligence-related electronic surveillance.  Under the 1978 Foreign Intelligence Surveillance Act (FISA), a secret federal court must review any application for electronic surveillance that has a "substantial likelihood" of monitoring the communications of a U.S. resident.

But with the Protect America Act, the definition of "electronic surveillance" subject to FISA became much narrower, in effect legalizing the Bush administration initiatives.  What's more, the FISA court played a much smaller role.  Rather than a court, the act gave the attorney general—a political appointee—the responsibility to authorize FISA-related surveillance requests.  The court merely reviewed surveillance already under way.

The Protect America Act also directed telecommunications companies to assist the government in implementing the Bush surveillance initiatives.  In addition, it protected those companies from private lawsuits for alleged violations of FISA.  Dozens of such lawsuits have been filed.

Despite warnings from the Bush administration of possibly grave consequences if the Protect America Act ever expired, Congress thankfully set a time limit on this authority—February 16, 2008. 

That supposedly would give legislators enough time to come up with a framework that would give back the FISA court some of its oversight.  In exchange, Congress would presumably permanently legalize the Bush surveillance initiatives.

The Bush administration, however, wanted more.  It also demanded that telecom companies receive retroactive legal immunity for their participation in illegal surveillance prior to enactment of the Protect America Act. 

Last week, the Senate caved in to Bush, and included telecom immunity in its amendments to FISA.  However, the House didn't go along.  It adjourned for three weeks on Feb. 16 without renewing the Protect America Act.  In the process, it delivered a rare respite to greater privacy intrusions in the never-ending War on Terror.

This certainly isn't the last word, but as it stands now, the FISA court must once again approve any new applications for electronic surveillance under the "substantial likelihood" standard. 

Despite my grave misgivings about the entire procedure being shrouded in secrecy, and with near-total lack of accountability, this procedure is far preferable to placing the final decision in the hands of the attorney general.  It's hard to forget that only a few months ago, the now thankfully departed Alberto Gonzales occupied this post.

What's more, even though Congress didn't cave in to the Bush administration, the world didn't end on Feb. 16.  No mushroom clouds appeared over Washington, D.C., or New York City.  Now that Congress has displayed a little backbone in defending civil liberties, it will hopefully have the courage to do so again. 

Copyright © 2008 by Mark Nestmann

February 13, 2008

Welcome to "Ueberveillance"

Since the events of Sept. 11, 2001, U.S. citizens, along with just about everyone else, have become accustomed to greatly increased surveillance of their travel habits, their financial affairs, and their communications. 

But that's only the beginning of what our political leaders have planned for us.  In the name of the "War on Terror," we have entered what Michael G. Michael, a theologian and technology historian in Australia, calls "ueberveillance."  (The word "ueber" means "over" or "super" in German).

In the world of ueberveillance, you're subject to continuous monitoring, from the moment you awake until the moment you go to sleep. 

Let's say you live in the United States, home to some of the world's most pervasive surveillance.  You awake and turn on your PC to read the news and check your e-mail.  Under the "Protect America Act," the entire data stream from your online session is sent to the super-secret National Security Agency for analysis.  Should something you've done prove suspicious, your online session is available for police to examine, without a warrant.  This is courtesy of the "National Security Letter" provisions of the USA PATRIOT Act.

Once you've caught up with the news, you emerge from your flat.  Almost instantly, a closed circuit television (CCTV) camera captures your image.  Face recognition software immediately identifies it.  As you walk to your train station, successive CCTV cameras record your progress. 

Walking by a bank, you withdraw $100 from an ATM.  Fortunately, the amount you've withdrawn is within your financial profile, so there's no need for the bank to notify police of "suspicious activity" in your account.  If you had tried to withdraw over $1,000, however, an alarm would have been triggered.  Your entire account would have been frozen pending an investigation.  Naturally, your banker isn't allowed to inform you of this.  You're not supposed to know.

On the train, commuting to your job, CCTV cameras monitor your every movement.  When you emerge from the station, more CCTV cameras track you as you walk 100 yards or so from the subway station to your office. 

You arrive at the office and log in to your workstation.  Naturally, your employer records everything you do online to ensure that you're not violating any policies.  Such monitoring is completely legal under U.S. law.

At lunch, you emerge from the office and walk to a nearby deli for a sandwich.  The clerk doesn't have change for a $20, so you pay with a credit card.  Naturally, your credit card records are also available for warrantless inspection by police, once again courtesy of the USA PATRIOT Act. 

In the afternoon, you have an appointment to visit your doctor.  When you arrive, you sign a piece of paper called a "HIPAA Disclosure Notice."  It gives your doctor permission to provide your medical records to your insurance company for billing purposes.  What the notice doesn't mention is that your signature also provides permission for your doctor to provide government agencies, direct mail marketers, and law enforcement agencies access to your confidential medical records.  And doctors' hands are tied—they must turn over your records on request, or face sanctions.

Emerging from your doctor's office, you stop at a grocery store.  To save money, you pay for your groceries using a "shopper's card."  Unfortunately, you didn't bother to read the "fine print" when you applied for the card, which gives the supermarket the right to use your purchase data for any purpose they see fit.  For instance, if you slip and fall in the store, and sue, the supermarket could use the fact that you'd purchased liquor there as evidence that you were likely intoxicated when you injured yourself.

Fortunately, no accidents occur in the store.  You walk out and are promptly picked up by yet another CCTV camera.  Returning home, you mix a cocktail and log in to your PC to read your personal e-mail.  Which, naturally, is no less monitored than it was that morning.

Welcome to the world of ueberveillance.  And be ready for more to come in the years ahead.

Don't like being monitored?  Be sure to read my next blog entry to learn steps you can take to reduce, if not eliminate, many forms of surveillance.

Copyright © 2008 by Mark Nestmann

January 31, 2008

Surf Anonymously with a "Virtual Private Network"

I probably don't need to remind you that courtesy of the "War on Everything," in the United States, basically everything you do online is subject to surveillance.

Your e-mail, your newsgroup visits, your Web browsing history, your online chat sessions, etc. all are monitored.  Much of the time, this monitoring occurs without any warrant or the review of any court. 

For instance, thanks to the USA PATRIOT Act, police can now issue a subpoena, with no judicial review, to obtain your online "records of session times and durations," as well as records of "any temporarily assigned network address."  This data makes it faster and easier to identify computer users and trace your Internet communications. 

Fortunately, it's not difficult to defeat this type of surveillance.  The secret is to use a technology called a "virtual private network" (VPN).

Internet-based VPNs encrypt connections at the sending and receiving ends, and keep out traffic that's not encrypted.  A VPN protects your data and communications from criminals, co-workers, and even your Internet Service Provider (ISP).  If the FBI comes calling and wants to know who you're communicating with, all your ISP will have to show them will be a connection to your VPN, and nothing more. 

There are numerous kinds of VPNs, some more reliable and secure than others.  I'm not competent to judge the competing standards, but I can say that I prefer VPNs that are non-U.S. based.  That way, the records the VPN provider maintains aren't subject to the USA PATRIOT Act and similar laws. 

Two VPN services that I've recommended in the past are Armorgate (http://www.armorware.com) and Diclave (http://www.diclave.net).  I've found Diclave easier to use, but Armorgate appears to offer a more comprehensive service.  Both are non-U.S. based: Armorware is in Canada, and Diclave in Germany.  (Diclave is in the process of being acquired by Panama-based Kryptohippie.  When the acquisition is complete in a few weeks, the http://kryptohippie.com Web site—now under construction—will use Diclave's VPN technology.)   There are many other VPN choices; the point is that if you care about your online privacy, you should be using VPN technology.

You may find (as I did) that certain applications aren't compatible with your VPN.  If that's the case, when you activate the VPN, your firewall may try to reset connections for the various services that require Internet access, or that at least attempt to connect to the Internet.  Don't provide permission for any application to reconnect that you don't need.  This increases security even more as there are fewer potential points of attack for a hacker or eavesdropper to exploit. 

VPN subscriptions aren't cheap.  Diclave, for instance, costs US$385 annually.  But only you can decide on what your privacy is worth. 

Copyright © 2008 by Mark Nestmann
January 15, 2008

Take Your PC in for Repairs, Go to Jail

A Pennsylvania man learned the hard way that you have no right to privacy when your computer is repaired.

On October 15, 2004, Kenneth Sodomsky brought his computer to a Circuit City store in Pennsylvania.  When he arrived, he asked store technicians to install a DVD burner in it. 

To test operation of the burner, an employee searched for video files.  According to the employee's court testimony, the titles found included, "ages of either 13 or 14, and sexual acts."  After confirming that one of the video files was, in fact, pornographic, the employee contacted the store manager, who contacted the police. 

Police obtained a search warrant to search the PC and confirmed the presence of child pornography.  On Dec. 5, 2007, the Pennsylvania Supreme Court upheld the search and seizure procedure used in this case.  Sodomsky now faces criminal charges for possession of child pornography.

According to the Pennsylvania Supreme Court, when Sodomsky took his computer to Circuit City, he "abandoned" it.  Under the legal theory of "abandonment," you relinquish any expectation of privacy in the abandoned item.  If the person you leave your property with decides to turn it over to police, you have no right to object.

Many other states have similarly expansive views of abandonment.  Basically, it means you should NEVER turn any property over to another person if there is even the slightest chance that there might be something potentially incriminating on it. (The U.S. Supreme Court has declared the same principle applies to trash set out for collection.)

If Sodomsky had taken the simple precaution of encrypting or otherwise restricting his files, the result might have been different.  Since the files weren't encrypted, the Circuit City employee wasn't undertaking a "fishing expedition" by conducting an automatic search for video files in order to test the burner's installation. 

However, even with encryption, the result might have been the same if Circuit City technicians had found evidence of viewing child porn in Sodomsky's "cache" files.  These are the files automatically created by an Internet browser or ancillary software of images previously viewed. 

Pennsylvania, and several other states, have ruled that merely viewing child pornography is enough to be convicted of possessing it—even if the images aren't intentionally saved. 

And here is where the real danger lies.  Every day, billions of spam messages promoting pornographic Web sites are sent to millions of e-mail addresses—perhaps yours.  If you view any of these messages, the images they contain will automatically be stored in your Internet cache.  And that's sufficient evidence for you to be thrown in jail. 

How do you protect yourself?  Besides avoiding pornographic sites--particularly those that could be construed as promoting child pornography--the most basic precaution is to turn off disk caching—click here to learn how.

In addition, before you take in your PC for repairs, sell it, or give it away, be certain that it's not hiding any compromising content somewhere.  Among other precautions, that means you should defragment your hard drive, securely delete any unneeded files (using a program such as PGP), and wipe "free disk space" to make sure incompletely deleted files are, in fact, deleted.

I can't promise these precautions will remove every trace of pornography from your PC that you may have unintentionally viewed.  But they will go a long way toward proving that you had absolutely no intention of "possessing" child porn.

Copyright © 2008 by Mark Nestmann

January 09, 2008

Entertainment Industry: It's Illegal to Back Up Your CDs

Old fogies like me aren't participating in it, but there's a digital music revolution going on.  And the entertainment industry doesn't like it.

Since 2003, the Recording Industry Association of America (RIAA) has brought more than 20,000 lawsuits against anyone it believes is illegally downloading—or sharing—music or video over the Internet. 

Similar lawsuits are ongoing in other countries.

Essentially, what's going on is that computer users—mainly young people—are using the Internet to seek out music and video, and not pay for it.  Many of them offer to share music and video on their personal computers with other Internet users.  So-called "peer to peer" networks (such as Gnutella and TorrentSpy) facilitate this type of "sharing," which the RIAA, not surprisingly, considers theft.

I can understand why the RIAA is upset about file sharing.  I'm not sure what the best way to deal with the problem is, but the RIAA certainly isn't building goodwill by suing their most enthusiastic consumers.

But now, the RIAA has expanded its claims to a point that affects many, if not most, PC users.  In a lawsuit filed against Jeffrey Howell in Scottsdale, Arizona, the RIAA now claims that it's illegal to make copies of your own lawfully purchased CDs for personal use.  Even if you don't share them with anyone. 

If the courts uphold the RIAA's claim, it would presumably also be illegal to make backup copies of your computer software.  Indeed, it would presumably be illegal to make a backup copy of a copyrighted news story or book you purchased in electronic format. 

The RIAA has long warned users that copying CDs is illegal.  On its Web site, it claims that, "If you make unauthorized copies of copyrighted music recordings ... you could be held legally liable for thousands of dollars in damages."  However, the case against Howell seems to be the first time the RIAA has taken this position in court.  (The RIAA also accuses Howell of illegally sharing 54 sound recordings on his PC over a peer-to-peer network.)

Fortunately, the RIAA's extreme position seems unlikely to be upheld in court.  A series of court rulings in recent decades—including a famous Supreme Court case—found no violation of copyright law in using VCRs and other devices to make personal copies of a legally-purchased or otherwise obtained recording.

I'll be watching this case carefully.  In the meantime, if you avoid using peer-to-peer networks to share music or video, you appear to be acting legally if you back up your own CDs—even if the RIAA says otherwise.

Copyright © 2008 by Mark Nestmann

January 02, 2008

Reading the News Can Infect Your PC

If you're an Internet news junkie, beware.

Hackers have long used infected Web pages and e-mail attachments to spread "Trojan Horses"—programs that allow an outsider to take over your PC. 

Once your PC is compromised, a hacker has full control over it.  The hacker can read and write files, steal passwords and address lists, even format your hard disk.  (However, hackers usually use networks of Trojan-infected PCs to attack other Web sites in so-called "denial of service attacks.")

But now, there's a new attack vector—the news.  Within hours of the December 27 assassination of former Pakistani Prime Minister Benazir Bhutto, one of the top three Google results for a search on the word "Benazir" led to a Trojan-infected Web page.  The Trojan spread rapidly across the "Blogosphere," and within 24 hours, more than 100 Web sites were serving it up to visitors.

The infected Web sites promise a video of the assassination.  But if you try to download the video, you're prompted to install a new high-definition video "codec."  (A codec is a program that decodes the data stream to view the video.)  The codec contains the Trojan. 

The best way to protect yourself from such exploits is to use common sense.  Never install a program you're not sure you need.  For instance, if you're using the latest versions of Windows Media Player or whatever other program you use to view video clips, you shouldn't need to install additional software. 

Another precaution is to keep your anti-virus and firewall software up-to-date.  Within 24 hours of the assassination, most major anti-virus vendors had installed patches to prevent infection by this exploit.  (AVG Anti-Virus is a good choice for anti-virus software.) 

And with up-to-date firewall software—Comodo is a reliable choice—you'll receive a warning if your PC tries to "phone home" through a program you haven't authorized to communicate over the Internet. 

Copyright © 2008 by Mark Nestmann

December 26, 2007

Are Child Pornographers Stealing Your Internet Connection?

From the UK comes news that more than half of PC users have knowingly used someone else's Internet connection, without the owner's permission.

That's not at all surprising.  Indeed, the actual number of Internet service thieves may be even higher.

That's because wireless or "wi-fi" Internet connections make stealing someone else's connection easy.  Indeed, from where I'm typing, right now, I have access to four unprotected Internet connections via the wi-fi card on my laptop. 

I suspect that these individuals are my neighbors, or perhaps a business down the street, although I'm not sure.  What I am sure of, though, is that these unprotected connections pose an immense security risk. 

If someone hijacks your wi-fi connection and then uses it for any illegal purpose—to download child pornography, for instance—this can be traced back to your PC.  This activity, if detected by police, can provide sufficient probable cause for your arrest and possible prosecution.  If it turns out that your PC doesn't contain any child porn, you might be able to prove that you're innocent, and you might get off with a warning to beef up your Internet security.

However, as I described in a previous blog entry, it's relatively easy for a child porn aficionado to plant a few select images on your PC to throw police off the trail.  If he succeeds in doing so, it will be your job to persuade the police that you're innocent.

The problem, in a nutshell, is that virtually all PCs—especially laptops—now come equipped with a wi-fi card.  However, many wi-fi connections aren't encrypted, giving other users the ability to use your connection for whatever purpose they wish. 

Here's what you need to do to prevent outsiders from using your wireless connection and potentially engaging in illegal conduct online or monitoring your online activities:

  • Change the name of your network (the Service Set Identifier or SSID) from its default name to a name you assign. 
  • Set up some form of encryption—the most common forms are called WEP and WPA.  WEP isn't as strong as WPA but is better than nothing and will deter most eavesdroppers. 
  • Turn off SSID broadcast.  This feature is useful in wireless hot spots, such as a coffee shop or airport, but not in a home or office environment.
  • Avoid unsecured wireless networks.  At coffee shops, Internet cafes, airports, etc., it's often easy to tap into a wireless network.  But many public access points aren't secure, and the traffic they carry isn't encrypted.  Malicious users can use "sniffing" tools to obtain sensitive information such as passwords, bank account numbers, and credit card numbers in such locations.  Protect yourself by subscribing to a virtual private networking (VPN) service through your Internet Service Provider or an outside vendor.  VPNs encrypt connections at the sending and receiving ends, and keep out traffic that's not encrypted.  If a VPN is available to you, log onto it whenever you use a public wireless access point.
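
The checklist above can be turned into a quick audit of the networks around you.  The script below is an added example, not part of this blog entry: it reads the terse output of `nmcli -t -f SSID,SECURITY dev wifi` (assumed format: colon-separated fields, a literal colon in a value escaped as `\:`, an empty SECURITY field meaning an open network) and flags open, WEP-only, hidden and factory-named networks.  The scan it runs on is constructed, not a real one.

```python
"""Flag open, WEP-only, hidden and factory-named Wi-Fi networks in a scan.

Added example, not from the original blog entry. It reads the terse output of
`nmcli -t -f SSID,SECURITY dev wifi` (assumption: fields are colon-separated,
a literal colon inside a value is escaped as '\\:', and an empty SECURITY
field means an open network). The scan below is constructed, not a real one.
"""
import re
from dataclasses import dataclass, field

# Constructed sample in nmcli terse form, one "SSID:SECURITY" line per network.
SAMPLE_SCAN = """\
linksys:
NETGEAR:WEP
Home\\:Office:WPA2
:WPA2
coffee-shop-free:
example-home:WPA1 WPA2
"""

# Factory-default SSIDs worth renaming (constructed list of common defaults).
DEFAULT_SSIDS = {"linksys", "netgear", "default", "dlink", "belkin54g", "wireless"}


@dataclass
class Finding:
    ssid: str
    security: str
    rating: str                     # "open", "weak" or "ok"
    notes: list = field(default_factory=list)


def split_terse(line: str) -> list:
    """Split on colons that are not escaped, then unescape the remaining ones."""
    parts = re.split(r"(?<!\\):", line)
    return [p.replace("\\:", ":") for p in parts]


def rate(security: str) -> str:
    """Map the SECURITY field to the checklist's three cases."""
    sec = security.strip().upper()
    if sec in ("", "--"):
        return "open"       # no encryption: usable and sniffable by anyone in range
    if "WEP" in sec and "WPA" not in sec:
        return "weak"       # WEP is cryptographically broken; treat it as nearly open
    return "ok"             # WPA, WPA2 or WPA3


def audit(scan_text: str) -> list:
    """Turn scan lines into Findings carrying the advice the checklist gives."""
    findings = []
    for raw in scan_text.splitlines():
        if not raw.strip():
            continue
        parts = split_terse(raw)
        ssid = parts[0]
        security = parts[1] if len(parts) > 1 else ""
        finding = Finding(ssid, security, rate(security))
        if ssid == "":
            finding.notes.append("hidden SSID (broadcast disabled)")
        elif ssid.lower() in DEFAULT_SSIDS:
            finding.notes.append("factory-default SSID; rename it")
        if finding.rating == "open":
            finding.notes.append("no encryption; enable WPA2 or better")
        elif finding.rating == "weak":
            finding.notes.append("WEP only; upgrade to WPA2 or better")
        findings.append(finding)
    return findings


def count_unprotected(findings: list) -> int:
    """Networks anyone in range could join without a key."""
    return sum(1 for f in findings if f.rating == "open")


if __name__ == "__main__":
    results = audit(SAMPLE_SCAN)
    for f in results:
        label = f.ssid or "<hidden>"
        print(f"{label:20} {f.security or '(none)':12} {f.rating:5} {'; '.join(f.notes)}")
    print(f"{count_unprotected(results)} of {len(results)} networks are unprotected")
```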

These precautions should deter nearly all unauthorized access to your wi-fi connection.  But just to make sure, keep your anti-virus and firewall software up-to-date, and regularly "sweep" your PC for viruses and other "malware" that might have surreptitiously planted illegal images or other unwanted material on your hard disk.

Copyright © 2007 by Mark Nestmann

December 24, 2007

The Spy in Your Phone

Just imagine: One morning, you answer a knock at your door.  The person standing there introduces himself as a federal investigator.  He assures you that you're not under arrest.  You're not even under suspicion.  Nonetheless, the agent tells you, he's been appointed to move into your home.  His mission: to listen in to all your telephone calls, read all your e-mails, review all your Web browsing, and report all "suspicious activity" to the FBI. 

"What's suspicious?" you ask.  "You have no right to know," he replies.  "Am I being singled out for some reason?" you ask.  "No, every person in the United States is subject to this surveillance."

Of course, there's no way that the U.S. government could appoint a full-time investigator to eavesdrop on everything you say on the telephone, or every activity you conduct on your PC.  But, in effect, the National Security Agency, the super-secret intelligence arm of the Department of Defense, is doing something quite similar in its electronic eavesdropping programs.

For instance, to deter narcotics trafficking, the NSA collects and analyzes the phone records of Americans who call people in Latin America.  There's no warrant or other due process involved.  The NSA simply approaches a phone carrier, asks for the records, and analyzes them.

More recently, the NSA has eliminated the requirement to request the records at all.  It simply builds in access to the phone carrier switches—even those that carry domestic calls.  Again, no warrant or due process is required.

According to court documents, in February 2001—months before the events of Sept. 11, 2001—the NSA asked AT&T to give the agency access to all the global phone and e-mail traffic that ran through a huge network center in New Jersey.

The idea was apparently to give the NSA the ability to listen in without restrictions to communications that it believed had intelligence value and store them for later review.  While federal law at the time required the NSA to have court approval to listen in on purely domestic communications, there was apparently no discussion of limiting the monitoring to international communications.

Congress is now debating permanent changes to the Foreign Intelligence Surveillance Act (FISA), which regulates the NSA's data collection practices.  The primary controversy within the proposed amendments is whether private parties who assist the NSA in conducting illegal monitoring can do so without legal liability.  (More than 40 lawsuits are pending against major telecommunications providers for facilitating NSA eavesdropping alleged to have violated the FISA.) 

When Congress adjourned last week, it looked as if the Bush administration had succeeded in building a coalition that would have immunized telecom providers from being sued for violations of FISA.  Congress returns in January, and is expected to vote the proposed amendments—including telecom immunity—into law. 

There are numerous problems with this approach.  Besides the obvious one—abuse of eavesdropping authority to pursue political ends—there's a less obvious problem: security.

Building back doors and surveillance conduits into communication systems means that anyone who can find the back doors, or the surveillance conduits, has unfettered access to the U.S. telecommunications system.  And, as I've pointed out in a previous blog entry, there's ample evidence to suggest that this is already occurring on a large scale, both inside and outside the United States.  Even the White House telecom system has been compromised, although this vulnerability has supposedly been patched.

What can you do to protect yourself?  I've long advocated using pre-paid, anonymous cellular phones to conduct any conversation you wish to keep private.  Encrypted e-mails are another way to maintain some semblance of privacy.  Another suggestion is to use an encrypted channel for your Web browsing, such as the one provided by www.diclave.net.

For more suggestions on protecting your telephone and Internet privacy, click here.

Copyright © 2007 by Mark Nestmann

December 17, 2007

Feds Can't Demand Your Encryption "Passphrase"

Suppose that you want to send a message to someone that only that person can read.  A mathematical process called encryption makes this possible. 

Encryption scrambles the message using mathematical formulas that make the message unreadable to anyone except for someone possessing the key to "decrypt" it.  Even the super-computers used by national intelligence agencies can't decipher messages created with numerous encryption programs, at least not without an exhaustive effort.

This development deeply concerns law enforcement officials around the world.  And it's not surprising why: a technology now exists by which you can keep information secret, even from the government.  In this age of warrantless wiretapping, ubiquitous video surveillance, and terrorist profiling, there are limits (albeit imposed by technology, not law) beyond which government cannot go.

Encryption is useful in many situations.  You can encrypt an email message you send to someone to insure that only the intended recipient can read it.  You can also send someone a confidential message on a CD or USB stick that only that person can decipher.  You can also insure that confidential files on your personal computer can't be read by prying eyes.

This latter capability is particularly important if you travel internationally.  For instance, U.S. Customs officials can seize and copy the contents of any laptop carried across a U.S. border.  There's no arrest, warrant or probable cause required.  (Click here to read an earlier blog entry I wrote on this development).

What happens, though, if you've taken the precaution of encrypting the contents of your laptop that Customs officials want to examine?  Can they force you to reveal your "passphrase" that converts unreadable gibberish into intelligible—and potentially incriminating—text or images?

Recently, a federal judge in Vermont said that Customs officials don't have this right.  The judge ruled that a man charged with transporting child pornography on his laptop across the Canadian border could legally refuse to disclose his encryption passphrase to prosecutors.  To force him to do so, the judge ruled, would amount to forced self-incrimination.  This is prohibited by the Fifth Amendment to the U.S. Constitution.

While prosecutors are appealing the decision, it sends a very important pro-privacy message.  Simply encrypting the contents of your personal computer—a process made simple using programs such as Pretty Good Privacy (http://www.pgp.com)—can provide a legally unassailable barrier to privacy invasion.

Incidentally, in other countries, this protection may not apply.  For instance, in the United Kingdom, if police or Customs officials demand access to your laptop files, you must provide them with the passphrase.  Failure to comply can result in up to a five-year prison sentence.  (See this blog entry for more information.) 

The message should be crystal clear.  Encrypt your files.  Better yet, use a program such as PGP Desktop that encrypts your entire hard disk.  That way, not only will your confidential files be protected, but other data on your hard disk—e.g., not-quite-deleted files, Internet surfing logs, etc.—won't be visible, either.

Copyright © 2007 by Mark Nestmann

December 04, 2007

UK Police: Give Us Your Encryption Keys or Go to Jail [Part II]

As I described in yesterday's blog entry, police in the United Kingdom now have the power to demand that PC users turn over their encryption keys.  If you don't comply, you can be jailed. 

Now this power has been used, perhaps for the first time--not against a terrorist, but an animal rights activist.

The activist claims she didn't realize there were any encrypted files on her PC, and that she has no idea how they got there, much less how to decrypt them.

This is a more plausible claim than it might appear at first glance.  It's quite common for encrypted files to be present on your PC without your knowledge.  For instance, music, movies, and other media you download from the Internet may be encrypted.  Often the files are locked after a certain number of viewings or after a certain date.  Might you be imprisoned for not being able to decrypt an episode of Bambi you downloaded long ago?

Likewise, it's possible to have encrypted files on your PC you didn't place there yourself.  This is particularly true if you have file sharing enabled on your PC (not recommended, by the way).  If you do, others can download files (encrypted or otherwise) to your PC. 

This may also occur if hackers download a virus to your PC that automatically encrypts your files.  Sometimes, the hackers demand a ransom in order to decrypt your files.  But it's possible that someone could simply maliciously encrypt your files, then disappear. 

Using a good firewall and regularly updated anti-virus software can prevent most such attacks.  But there are no guarantees.

You could hardly be expected to have the encryption keys to files someone else maliciously locked, could you?   This is what the animal rights activist says happened to her.  She says she has no idea how the encrypted files got on her computer, and doesn't have the key or passphrase to decrypt them.

I suppose these are the issues that will be sorted out in the trial, if there is one, of the animal rights activist.

Incidentally, I'm not defending the abhorrent actions of sabotage and vandalism of a small number of animal rights activists.  That's not the point. 

The point is that the state can target anyone protesting the status quo for any reason it sees fit.  It's easy to construe you as a terrorist if you advocate a viewpoint with which the majority disagrees.  That's especially true if some of the tactics used by others advocating your pet cause injure people or damage property.

If you injure someone or damage property, you should be held accountable.  That's true regardless of your personal motives for committing the crime.  And police have every right to investigate your actions through the normal process—obtaining a search warrant based on probable cause, etc.

It crosses the line though, when police demand that you provide the means of incriminating yourself, under penalty of imprisonment.

That's what RIPA is all about.  That's why it's so dangerous.

And that's why this case is so important.  I can only hope the U.K. courts decline to enforce RIPA against activists in social protest groups.  Otherwise, we could all face the same dilemma as animal rights advocates, whether we agree with their tactics or not.

To learn more about how to protect your privacy, on and off the Internet, click here. 

Copyright © 2007 by Mark Nestmann

December 03, 2007

U.K. Police: Give Us Your Encryption Keys or Go to Jail [Part I]

How would you respond if, after seizing your computer, police ordered you to give them the means to view any encrypted files you keep on it?

I suspect you'd feel it was an invasion of privacy.  But if you live in the United Kingdom, this is now the law.

Encryption is an essential privacy and security tool.  It allows you to convert plain-text files on your PC into unreadable gibberish.

I've long recommended encrypting all confidential files on your PC.  Programs like PGP Desktop that automatically encrypt your entire hard disk are even better. 

Unfortunately, government busybodies don't like it when ordinary people have the opportunity to take back a smidgen of the privacy rights they've been systematically stripped of in recent decades.   And so, we have legislation like the notorious Regulation of Investigatory Powers Act (RIPA), which allows U.K. police to demand that you turn over your encryption keys or provide a clear-text transcript of encrypted material.

Failure to comply can result in up to two years imprisonment for cases not involving national security, or five years for terrorism offenses and the like.  Police can order you to turn over data months or even years old.

This authority came into force in October 2007, seven years after the U.K. Parliament enacted the original legislation.  We now know that this authority has already been used on at least one occasion.

Surely, police reserved this draconian sanction for a known associate of Osama bin Laden, someone reasonably suspected of planning a reprise of the horrific London bombings of 2005, or in an investigation of a similarly severe threat.

But that's not how it was used.  Instead, the first known use of this authority came against (drum roll, please) an animal rights activist.

Police seized this woman's computer last May.  On November 3, she received an "invitation" to disclose her encryption keys and passphrase to police.  If she declines the "invitation," she faces a two-year prison sentence.

(For her fascinating account of her experiences, click here. The comments to her posting are also very interesting.)

Now, quite apart from the total violation of one's right to be free from "unreasonable" searches and seizures, what happens if you didn't knowingly encrypt any files on your PC?  Obviously, in that case, you would have no encryption keys or passphrase to disclose.   Or, alternatively, what if you deliberately encrypted files and then lost, accidentally deleted, or misplaced your private key, or forgot your passphrase?

What would happen in this situation? Stay tuned for tomorrow's blog entry.

Copyright © 2007 by Mark Nestmann

November 21, 2007

Hushmail Eavesdrops on Users

Last week, I described here how U.S. investigators forced Hushmail, a leading provider of e-mail privacy solutions, to divulge copies of decrypted, "plain text" e-mail messages.

At the time, it appeared that only one form of the encryption Hushmail uses was compromised.  But I've now learned that the company has developed techniques to eavesdrop on all users, albeit only in response to a valid court order.

A little background: in 1999, Hushmail, based in British Columbia, Canada, introduced a revolutionary service to make sending and receiving encrypted e-mail easier and faster.  Hushmail allows users to send and receive encrypted e-mail messages through a Web-based interface similar to Yahoo! or Hotmail e-mail.

The original—and supposedly surveillance-proof—encryption "engine" works by sending your PC a Java "applet" that performs the encryption.  Since the encryption occurs on your PC, Hushmail supposedly has no access to unencrypted messages.  Indeed, Hushmail promoted this capability by stating:

"… Not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer."

Loading a Java "applet" takes a few seconds and delays access to a Hushmail account.  Some Hushmail users didn't want to wait.  So, in 2006, Hushmail developed a service that didn't require the applet.  In this service, encryption occurs in Hushmail's own servers, not in your PC.  This introduced an obvious vulnerability, which Hushmail confirmed earlier this month.  The company announced that in response to a Canadian court order, it had turned over 12 CDs worth of plain-text e-mail messages to U.S. investigators.

It now appears that Hushmail can send a "poisoned" applet to subscribers using the original, Java-based service.  That applet sends the targeted user's passphrase back to Hushmail, thus giving investigators access to the "plain text" of all stored e-mails and any future e-mail sent or received.  Again, this evidently occurs only after Hushmail receives a valid court order requiring it to turn over plain text messages from a targeted account.
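
The difference between the two Hushmail designs comes down to where the passphrase travels, and the applet design only holds up as long as the code the server ships is the code you think it is.  The model below is an added illustration, not Hushmail's code: a toy server records everything clients hand it, so you can see that the applet-style client never lets the passphrase leave the PC while the applet-free client must post it; the last function is the one check a client could make against a modified applet, comparing the digest of the served code with one pinned earlier.  The cipher is a toy stand-in (HMAC-SHA256 keystream) for the real OpenPGP layer.

```python
"""Where the passphrase travels in the two Hushmail designs described above.

Added illustration, not Hushmail's code. Design (a) is the applet model: key
derivation and encryption run on the user's PC and only ciphertext reaches the
server. Design (b) is the applet-free model: the browser posts the passphrase
and the server encrypts, so the server necessarily holds the passphrase. The
last function is the check a client could make against a modified ("poisoned")
applet: pin the digest of the code before running it. The cipher is a toy
(HMAC-SHA256 keystream XOR) standing in for the real OpenPGP layer.
"""
import hashlib
import hmac


def derive_key(passphrase: str, salt: bytes) -> bytes:
    """PBKDF2 turns the passphrase into a fixed-length key (the applet's job)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)


def toy_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR the plaintext with an HMAC-derived keystream. Illustration only."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(plaintext):
        block = hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        stream.extend(block)
        counter += 1
    return bytes(p ^ k for p, k in zip(plaintext, stream))


toy_decrypt = toy_encrypt  # a keystream XOR is its own inverse


class Server:
    """Records every value clients hand it, so we can ask what a court order could reach."""

    def __init__(self) -> None:
        self.received: list = []   # everything that crossed the wire to the server
        self.stored: list = []     # ciphertext kept in the mailbox

    def store_ciphertext(self, blob: bytes) -> None:
        self.received.append(blob)
        self.stored.append(blob)

    def encrypt_for_user(self, passphrase: str, salt: bytes, nonce: bytes, plaintext: bytes) -> None:
        # Design (b): to encrypt here, the server has to see the passphrase itself.
        self.received.append(passphrase.encode())
        self.stored.append(toy_encrypt(derive_key(passphrase, salt), nonce, plaintext))


def client_side_send(server: Server, passphrase: str, plaintext: bytes, salt: bytes, nonce: bytes) -> None:
    """Design (a): derive the key and encrypt locally; the server gets ciphertext only."""
    key = derive_key(passphrase, salt)
    server.store_ciphertext(toy_encrypt(key, nonce, plaintext))


def server_side_send(server: Server, passphrase: str, plaintext: bytes, salt: bytes, nonce: bytes) -> None:
    """Design (b): post passphrase and plaintext; the server does the cryptography."""
    server.encrypt_for_user(passphrase, salt, nonce, plaintext)


def server_saw_passphrase(server: Server, passphrase: str) -> bool:
    """True if the passphrase ever reached the server, i.e. is disclosable on demand."""
    return passphrase.encode() in server.received


def verify_applet(served_code: bytes, pinned_sha256_hex: str) -> bool:
    """Run served code only if its digest matches the one pinned on first use."""
    digest = hashlib.sha256(served_code).hexdigest()
    return hmac.compare_digest(digest, pinned_sha256_hex)


# Constructed stand-ins for the applet bytes the server ships to the browser.
GOOD_APPLET = b"applet v1: derive key locally, post ciphertext only"
POISONED_APPLET = GOOD_APPLET + b"; also post the passphrase back to the server"
PINNED_DIGEST = hashlib.sha256(GOOD_APPLET).hexdigest()

if __name__ == "__main__":
    salt, nonce = b"constructed-salt", b"constructed-nonce"
    a, b = Server(), Server()
    client_side_send(a, "correct horse battery", b"meet at noon", salt, nonce)
    server_side_send(b, "correct horse battery", b"meet at noon", salt, nonce)
    print("client-side: server saw passphrase?", server_saw_passphrase(a, "correct horse battery"))
    print("server-side: server saw passphrase?", server_saw_passphrase(b, "correct horse battery"))
    print("pinned applet accepted?", verify_applet(GOOD_APPLET, PINNED_DIGEST))
    print("modified applet accepted?", verify_applet(POISONED_APPLET, PINNED_DIGEST))
```

Both designs produce the same ciphertext in the mailbox; the only difference is which machine ever held the passphrase, which is exactly what decides what can be turned over.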

According to Brian Smith, Hushmail's Chief Technology Officer, "The extra security given by the Java applet is not particularly relevant, in the practical sense, if an individual account is targeted."

Hushmail remains preferable to the alternative followed by 99.9% of e-mail users—sending unencrypted messages in "plain text."  Reading these messages is remarkably simple.  E-mail also has less legal protection than telephone calls, particularly with regard to messages stored in a Web-based system.

However, if you're seeking stronger protection, encryption programs you install on your PC, such as PGP, are superior to Hushmail.  PGP isn't immune to attacks (e.g., an investigator might plant "Trojan Horse" software to steal your encryption keys and passphrase), but, properly used, it offers an extremely high level of security. 

Copyright © 2007 by Mark Nestmann, LL.M.

November 12, 2007

Hushmail Spills Secrets to Feds

Sending an ordinary e-mail to someone is like sending that person a postcard.  It's easy to read the message at any point along the electronic chain over which the message travels.

The only way to protect the privacy of the message is to encrypt it.  Encryption scrambles the message using mathematical formulas that make it unreadable.  Only someone possessing the correct "key" can convert the message back to readable text.

Numerous companies (e.g., PGP) have developed programs to allow PC users to send and receive encrypted e-mails.  The best of these programs provide protection so strong that even the super-computers used by national intelligence agencies can't decipher messages created with them.

But learning to use these programs requires some effort.  It also requires a little additional time to encrypt or decrypt a message.  As a result, most PC users don't bother to encrypt their e-mail. 

In 1999, a Canadian company introduced Hushmail, a service meant to make sending and receiving encrypted e-mail easier and faster.  Hushmail lets users encrypt their messages through a Web-based interface similar to Yahoo! or Hotmail e-mail. 

And it's not modest about its capabilities.  It claims "not even a Hushmail employee with access to our servers can read your encrypted e-mail, since each message is uniquely encoded before it leaves your computer."  Only, it turns out that this isn't necessarily true if a government agency wants to read your e-mail. 

In 2006, acting through the U.S.-Canada Mutual Legal Assistance Treaty (MLAT), U.S. prosecutors requested copies of decrypted, "plain text" e-mails from alleged steroid dealers.   Subsequently, in response to a Canadian court order, Hushmail turned over 12 CDs of plain-text e-mail messages to U.S. investigators.

It turns out that the only way that Hushmail could comply with the order was to exploit a vulnerability in the way it encrypts messages.  Fortunately, the vulnerability only affects a relatively new offering from Hushmail that doesn't require users to load and run a program called Java.

Loading a Java "applet" takes a few seconds and delays access to a Hushmail account.  So, in 2006, Hushmail developed a service that didn't require loading the applet.  But, this introduced the vulnerability into the Hushmail service.

In the new service, instead of the encryption occurring on your PC, it occurs in Hushmail's servers.  This requires that Hushmail briefly retain a copy of your "passphrase"—the string of characters you type in to authenticate yourself as the legitimate owner of your account.  Someone with access to Hushmail's servers can get at the passphrase and thus all of the messages in the account. 

Again, this vulnerability only affects Hushmail's newer, non-Java-based system.  If you don't mind waiting a few seconds for the Java applet to load when you log on to Hushmail, the company doesn't have a copy of your passphrase.

[UPDATE 11/20/07: Hushmail now admits that the Java-based system may also be compromised in response to a court order.]

Is waiting a few extra seconds worth the sacrifice?  Only you can decide that question, but if you value your privacy, the answer is an unequivocal "yes."

Click here to learn hundreds more ways you can protect your privacy and wealth, on or off the Internet.

Copyright © 2007 by Mark Nestmann

October 31, 2007

Keys, Keys, Keys...Who Can Break Yours?

When Julius Caesar sent messages to his generals, he feared they might fall into the wrong hands.  To avoid having his war plans compromised, he coded his messages using a simple system that shifted each letter three positions to the right.  For instance, he replaced every M with P, every B with E, etc. 

Today, codes have become much more sophisticated, but the objectives are the same as in Caesar's time.  You want to send a message to someone that only that person can read.  Or, shifting back to our own time, you want to make messages (or other files) on your PC unreadable to anyone except for yourself.

A mathematical process called encryption makes this possible.  Encryption scrambles your messages or files using mathematical formulas that make the text unreadable to anyone except for someone possessing the key to "decrypt" it. 

Encryption programs are now available whose output even the super-computers used by national intelligence agencies cannot decipher, at least not without an exhaustive effort.  They're easy to use, and cheap--sometimes even free.  I recommend them highly.

In keys, longer is better.  While the way a key is generated influences its strength, in general, the more "bits" a key has, the stronger it is. 

For instance, I use an encryption program called "Pretty Good Privacy" (PGP).  One of the types of keys PGP uses is called an "RSA key."  A 4096-bit RSA key is stronger than a 1024-bit RSA key.

And not just a little stronger.  For a symmetric cipher, each added bit doubles the number of keys an attacker has to try, so strength grows exponentially with key length.  RSA keys don't scale quite that steeply, because the attacker's job is to factor the key's modulus rather than to guess every possible key, but the jump from 1024 to 4096 bits is still enormous: a 1024-bit RSA key is usually rated at roughly the strength of an 80-bit symmetric key, while a 4096-bit key is rated at more than 128 bits. 
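As an added example (not code from the original post or from PGP), here is Caesar's shift from the top of this post alongside the reason it is useless today: a key that can take only 25 values is broken by simply trying all of them and keeping the result that looks most like English.  The last function then shows how quickly a brute-force search outgrows any attacker once the key space is 2 to the n for a realistic n.  The letter-frequency table, the sample message, and the assumed guess rate of one trillion tries per second are constructed for illustration.

```python
"""Caesar's 25-key cipher versus a 2**n key space.

Added example, not code from the original post or from PGP.  The letter
frequency table and the sample message are constructed for illustration.
"""
import string

ALPHABET = string.ascii_uppercase

# Approximate frequency (percent) of each letter in English text.
ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0,
    "H": 6.1, "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7,
    "O": 7.5, "P": 1.9, "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8,
    "V": 0.98, "W": 2.4, "X": 0.15, "Y": 2.0, "Z": 0.074,
}


def caesar(text: str, shift: int) -> str:
    """Shift each letter `shift` places to the right; Caesar used 3 (M -> P, B -> E).
    Non-letters pass through unchanged; a negative shift decrypts."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def english_score(text: str) -> float:
    """Crude English-likeness: the sum of the frequency weights of the letters.
    Good enough to pick the right shift for a message of a sentence or more."""
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text)


def break_caesar(ciphertext: str) -> tuple:
    """Try every one of the 25 possible shifts and keep the most English-looking
    result.  This is the whole attack: the key space is small enough to enumerate."""
    candidates = [(s, caesar(ciphertext, -s)) for s in range(1, 26)]
    return max(candidates, key=lambda c: english_score(c[1]))


def brute_force_years(key_bits: int, guesses_per_second: float = 1e12) -> float:
    """Expected years to find a uniformly random `key_bits`-bit key by trial, i.e.
    to search half of the 2**key_bits key space at the given guess rate (the rate
    of one trillion guesses per second is an assumed figure).  Every extra bit
    doubles the answer: that is the exponential growth the text refers to."""
    return (2 ** (key_bits - 1)) / guesses_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    message = "WE ATTACK AT DAWN MEET ME AT THE EAST GATE WITH THE TENTH LEGION"
    ciphertext = caesar(message, 3)
    shift, recovered = break_caesar(ciphertext)
    print(f"ciphertext: {ciphertext}")
    print(f"recovered shift {shift}: {recovered}")
    for bits in (5, 56, 80, 128):  # 5 bits is about the size of Caesar's 25 keys
        print(f"{bits:4d}-bit key: {brute_force_years(bits):.3g} years at 1e12 guesses/s")
```

The brute-force figure applies to symmetric keys, where the attacker has nothing better to do than guess.  An RSA key is attacked by factoring its modulus, which is far cheaper than guessing, so RSA key lengths are not comparable bit-for-bit with symmetric ones; that is why the text's 1024-versus-4096 comparison is really a statement about factoring effort.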

Unfortunately, early versions of PGP support a maximum key length of 1024 bits.  Recent research indicates that in the near future, 1024-bit RSA keys will be "cracked" by increasingly powerful computers.  However, 4096-bit RSA keys remain very safe—for now.

If you're using 1024-bit keys to secure your e-mail or computer files, you should upgrade to a longer key.  The newest version of PGP, PGP Desktop, supports the stronger 4096-bit keys.  So does the free version of PGP you can download at http://www.pgpi.com. 

But act soon.  When asked whether 1024-bit RSA keys are dead, one cryptographic researcher involved in the race to crack them said, "The answer to that question is an unqualified yes."

Act accordingly.

Copyright © 2007 by Mark Nestmann

October 24, 2007

Telecom Package Deals Sacrifice Privacy

You've surely received mailers or other reminders from telephone and cable companies offering "all-in-one" packages of telephone, television, and Internet services, with the package offered at a significant discount to the services priced individually.

But if you read the privacy policies of the companies offering these packages, you may find that the providers reserve the right to track what you watch on television and whom you call, in addition to monitoring which Web sites you visit and what you buy online.  Some companies even reserve the right to read your e-mail.  This information belongs to the company and may be used for any purpose provided for in the service contract, including selling your telecom profile to marketing companies or turning over the records to private investigators or the government. 

For instance, Time Warner Cable, which offers a combined telephone, television, and video service, says it may track "Internet addresses you contact and the duration of your visits to such addresses."  Time Warner says it "does not use or disclose any personally identifiable information that may be derived from these logs for marketing, advertising or similar purposes."  But, its "Affiliated Internet Service Providers" may monitor "information you publish on the ISP Service," which I interpret as giving the company permission to read your e-mail.  Further, it may retain "personally identifiable information" about your account for up to 15 years after you end your business relationship with the company.

Satellite television provider DirecTV says that it "may share customer information, including programming purchases, with selected media, entertainment, and other similar service providers."  However, you may "block the collection of Anonymous Viewing Information from your DIRECTV Receiver."

AT&T Yahoo! and Video Services goes farthest of all: it stipulates that, with respect to its Internet and video services, "while your Account Information may be personal to you, these records constitute business records that are owned by AT&T."  In other words, if you use AT&T's Internet or video services, the company owns, without reservation, your private data.

When you sign up for telecom services, you're stuck with whatever data collection and distribution policies the companies you choose have in effect.  However, some companies, like DirecTV, give you the option of blocking some types of information sharing.  I highly recommend doing so.

A better, albeit more expensive and time-consuming option, is to choose different companies to provide each telecom service you need.  For instance, you could use one company for local telephone service, but not use their cellular or long-distance services.  Purchase these separately, and if you value your privacy, choose pre-paid cellular and pre-paid long-distance services that you can purchase anonymously. 

Otherwise, your loss of privacy may be a package deal as well.

Copyright © 2007 by Mark Nestmann

October 22, 2007

Since the NSA's Listening in Anyway, You Might as Well Get Free Phone Service

Here's a new wrinkle in telephone service: in exchange for permitting your conversations to be monitored by voice recognition software, you can call anyone, anywhere in the world, for no charge.

That's the offer that a start-up company called Pudding Media is offering its customers.  Here's how it might work, according to a company press release:

"It's Saturday night. You plan to go to a movie with Ashley. But which movie should you see...? Time to call her and decide. You surf to ThePudding.com and call Ashley for free. As soon as you start talking about movies, a list of local movies, complete with reviews and show times appear on the screen. Now, what about dinner? Just talking about where to get dinner, and offers for local restaurants are displayed. Now you and Ashley have everything you need for dinner and a movie! Oh and just a few clicks and you've reserved the tickets and a table. Sweet!"

I must admit that I have misgivings about allowing someone to monitor my telephone conversations.  However, I have no objection to services like Pudding Media, because the monitoring is truly voluntary, and you actually get something in return.

Now, if the National Security Agency would just be as helpful when they secretly monitor your calls as authorized by the grossly misnamed "Protect America Act."  But I suspect that the recommendations from ThePudding.com might be more helpful. 

To learn more about how you can protect your privacy on and off the phone, click here.

Copyright © 2007 by Mark Nestmann

October 15, 2007

Your Bluetooth Device May be a Bug

Bluetooth is a short-range communications standard intended to replace the cables that would otherwise connect portable communications devices; e.g., cell phones, laptops, etc.

Just about everyone seems to have a Bluetooth device, too.  The first few times I saw persons walking down the street, apparently talking to themselves, I thought I might be dealing with an outbreak of mental illness.  Then, I noticed the small blue device hooked to their ear.  This is a Bluetooth device—one of the hundreds on the market.

Because Bluetooth has been so successful, hackers have naturally tried to circumvent its security protocols.  There have been some spectacular security failures, the best known of which is a so-called "Bluesnarfing" attack that allows a hacker to remotely download the contacts list, diary, and stored pictures in Bluetooth-enabled cell phones.  While cell phone companies say they've closed this security flaw, older Bluetooth phones (certainly those manufactured before 2004) may remain vulnerable.

Now, researchers have discovered another vulnerability.  When your Bluetooth device is activated, an eavesdropper may be able to listen to your conversations—but only when you're NOT using the phone.  A modified radio scanner is all that's needed to listen in on conversations.  Someone can simply drive down the street with such a scanner, and when it detects a conversation broadcast by a Bluetooth device, listen to whatever's being said.  Essentially, the Bluetooth device acts as a microphone and transmitter, picking up whatever you say and broadcasting it to anyone with the equipment to monitor it. 

What's not yet clear is how far away the scanner can be from the Bluetooth device to monitor conversations on it.  It's at least 30 feet and I've seen one study that claims that broadcasts from more powerful Bluetooth devices can be monitored from 300 feet away, perhaps further.  But again, the attack works only when you're not using your phone.   

To protect yourself, don't use a Bluetooth device any more powerful than you really need.  Bluetooth radios are sold in power classes: a Class 2 radio (2.5 milliwatts) reaches roughly 10 meters, a Class 1 radio (100 milliwatts) roughly 100 meters, which matches the 30-foot and 300-foot figures above.  Small over-the-ear wireless devices are typically Class 2, have very low power, and are difficult to monitor.  But beware of larger units that connect to your vehicle's cigarette lighter or are dashboard-mounted.

If you're in the market for a Bluetooth device, look for one that requires you to press a button or otherwise manually synchronize the device before it's used.  Also, look for one that requires a PIN code and that allows you to change the PIN.

Finally, if you're not sure whether your Bluetooth device can be monitored, turn it off when you're not using it.

Copyright © 2007 by Mark Nestmann

October 02, 2007

What not to Carry Across a U.S. Border

A few months ago, I warned about the possibly disastrous consequences of carrying a laptop computer across a U.S. border. Basically, U.S. courts have said that Customs can confiscate your laptop, make an "image" of the hard disk and all the data on it, and use that data against you in a criminal proceeding—all without probable cause that you've done anything wrong.

But the data on your laptop isn't the only information that might be used against you at the airport. In particular, don't let Customs see your address book. If you do, it might get copied and later used against you.

That's what happened to Texas oilman Oscar Wyatt, Jr. in the Houston airport in August 2002. After being copied by Customs, the address book eventually found its way to the U.S. Justice Department. And it played a prominent role in the recently concluded trial of Wyatt in New York.

The 83-year-old Wyatt, you'll recall from a previous posting, was accused of complying with a demand from former Iraqi dictator Saddam Hussein to pay surcharges on oil exported from Iraq in connection with the United Nations "Oil for Food" program.

Wyatt pleaded guilty on October 1 to one count of conspiracy to commit wire fraud. He agreed to a sentence of 18-24 months imprisonment.

The address book was problematic for Wyatt, because it contains the home telephone numbers for top officials in former Iraqi dictator Saddam Hussein's regime, all of whom were off limits to U.S. companies in 2002. Just as troubling for Wyatt's defense, it contains numerous telephone numbers of officials in the Iranian government. There's also a listing for Marc Rich, who sold oil from Iraq and Iran in violation of U.S. embargoes.

While the existence of these entries doesn't prove that Wyatt did business with Iraq in violation of U.S. law, it provides circumstantial evidence that, in fact, he did. And that's why it was so potentially damaging. 

What could Wyatt have done differently? Given the explosive nature of the entries in the address book, it would have been well worth his time to have the information in it digitized and placed on an encrypted USB stick. (PGP (www.pgp.com) is one program that is capable of encrypting entire volumes of a hard disk or USB stick.) If that USB stick were confiscated by Customs, the information on it couldn't be retrieved without knowledge of the passphrase. That protection holds only while the encrypted volume is locked: a stick that is plugged in and mounted with the passphrase already entered reads like any other drive, so unmount it before you reach the inspection line.

Oscar Wyatt will spend the next 18-24 months in prison. That won't be easy for an 83-year-old man in poor health. And a big reason why he'll be there is an address book that he could have easily protected.

Copyright © 2007 by Mark Nestmann

September 18, 2007

Who Can Read Your Stored E-Mail? Almost Anyone!

If you have the quaint idea that the e-mails stored in your Yahoo!, Gmail, Hotmail or other "Webmail" accounts are somehow private, think again.  With one exception (see below), U.S. government investigators can read them, and now, private companies can do so as well in the name of "copyright protection."

It wasn't supposed to be this way.  Back in 1986, Congress passed a bill called the Electronic Communications Privacy Act (ECPA).  It was intended to extend the privacy protections that applied to telephone conversations on ordinary "land-line" telephones to e-mail, cellular phones, and computers. 

Naturally, like most other privacy laws in the United States, the ECPA has lots of exceptions.  One of the most glaring applies to e-mail or voice messages stored on your Internet service provider's or telephone company's computers.  To read your stored e-mails or listen to your stored voice messages, police only have to demonstrate that the information they're seeking is relevant to an investigation.  They don't have to establish probable cause of any crime.  (If you live in Kentucky, Michigan, Ohio, or Tennessee, your stored e-mails have greater protection.  See my blog posting here.)

An even broader exception may apply in civil cases involving copyright infringement.  In August, a U.S. District Court ruled that in a copyright dispute, the party alleging infringement can conduct ongoing surveillance of another party's stored e-mail messages, without their consent or other legal authorization, and not violate federal wiretap laws.  Indeed, the broad language of this decision makes it appear that it's legally impossible to intercept e-mail in a way that violates federal wiretap laws. 

I highly recommend that you go to any Webmail accounts you have and delete any messages that don't demand an immediate response. Make sure to empty your trash folder, as well.  If you want to keep a permanent record, keep one on your own PC, not online.

That advice applies no matter where you live, if you're using a U.S.-based Webmail service.  Since the servers are based in the United States, if police in the United States (other than in these four states) want to read your e-mail without a warrant, they can do so. That's true even if your country's law requires a warrant to read them.

Another good idea is to set up a free account at Hushmail (http://www.hushmail.com).  This company's servers aren't U.S.-based, so U.S. police can't simply serve it with a subpoena, although a Canadian court can order it to act on a U.S. request made under the U.S.-Canada Mutual Legal Assistance Treaty.   Plus, it's possible to send encrypted e-mails to other Hushmail users. 

And speaking of encryption...if you really want to protect your e-mail, encrypt any messages you wouldn't want published on the front page of The New York Times.  Unless someone manages to get hold of your encryption keys and passphrase, anyone trying to read your messages will only see undecipherable gibberish.  PGP Desktop (http://www.pgp.com) is an excellent choice. 

For more information on protecting your privacy, on and off the Internet, click here.

Copyright © by Mark Nestmann

September 10, 2007

New Firewall Recommendation: Comodo

Several months ago, I criticized ZoneAlarm here for tricking users of its superb free firewall into downloading what they were told was version 7.0 of the program, but which was actually a trial version of a paid program, ZoneAlarm Security Suite.

Since then, I've been searching for a replacement for ZoneAlarm.  I've finally found one which I like even better: the Comodo free firewall (http://www.comodo.com). 

Comodo has a look and feel quite similar to ZoneAlarm Pro, the paid version of the free ZoneAlarm firewall.  It alerts you whenever your PC tries to make a connection to the Internet, and permits you to accept or deny the connection. 

Crucially, and unlike the free version of ZoneAlarm, Comodo also alerts you when a program you've approved to connect to the Internet appears to be connecting on behalf of another process.  Since Trojan Horse programs that take over your PC often hijack other applications to connect to the Internet, this is an important function.  It also resists being terminated by viruses or other malware that try to turn off your firewall so they can connect to the Internet without detection.

Comodo was easy for me to set up—I was up and running in about 10 minutes. 

Comodo free firewall offers excellent protection, on a par with ZoneAlarm Pro.  Highly recommended if you don't already have firewall protection installed, or if you're relying on the inadequate firewall built into Windows XP.

Copyright © by Mark Nestmann

September 07, 2007

Surf the Internet, Go to Jail (Part 2)

In yesterday's blog I described how you could be found guilty and imprisoned for the possession of child pornography, and not even know it, thanks to automatic "caching" features in Web software.  And how you just might have porn on your PC if porn spammers have your e-mail address, or if you've ever browsed an adult site--even if you never saved any photos or movies.

To protect yourself from the porn police, the best precaution is to turn off all forms of Internet caching.  This isn't always easy to do, because several different cache files are created automatically every time you go online.  For that reason, I recommend using a program like Window Washer (www.webroot.com) to delete these files automatically.

You can also clear these files yourself. In Firefox, go to Tools/Privacy and uncheck all the boxes under History.  Then click on "Always clear my private data when I close Firefox."  Click on "Settings" and make certain "Cache" is checked to be deleted. 

In Internet Explorer (which I hope you're not using, because it's notoriously insecure), click on Tools/Internet Options.  Under the "General" tab, click "Delete Cookies" and "Delete Files" and click yes to delete "offline content."  Click "Settings" and set the amount of space to use for the Temporary Internet files folder to one megabyte. (Unfortunately, you can't set it to zero).  Under history, insert zero.  Since you can't set the size of the Temporary Internet files folder to zero, delete these files every time you use IE. 

Next, delete the content that Web pages using Java have stored in the cache directories the Java runtime creates.  Find the file "javaws.exe" on your computer and double-click it.  This opens the "Java Control Panel."  On the "General" tab, under "Temporary Internet Files," click "Delete Files" and delete downloaded applets, downloaded applications, and other files.  Then click "Settings" and set the amount of disk space to use to zero. 
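The three steps above clear the caches through each program's own settings.  As an added example (not code from the original post or from Window Washer), here is a small Python tool that does the part those dialogs don't: it overwrites each cache file before deleting it, because an ordinary delete only removes the directory entry and leaves the bytes on disk where a forensic examiner can recover them.  The cache directory is passed in rather than assumed, since its location depends on your browser profile; the test directory used when the script is run directly is a constructed one.

```python
"""Overwrite-then-delete a browser cache directory.

Added example, not code from the original post or from Window Washer.
Deleting a file only unlinks its directory entry; the data stays on disk until
something else overwrites it, and forensic tools recover such files routinely.
Overwriting the file before unlinking it closes that easy recovery path.
"""
import os
import tempfile


def wipe_file(path: str, passes: int = 1) -> int:
    """Overwrite `path` in place with random bytes `passes` times, flush to disk,
    then unlink it.  Returns the number of bytes overwritten per pass."""
    size = os.path.getsize(path)
    with open(path, "r+b", buffering=0) as fh:
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                chunk = min(remaining, 1 << 16)
                fh.write(os.urandom(chunk))
                remaining -= chunk
            fh.flush()
            os.fsync(fh.fileno())
    os.remove(path)
    return size


def scrub_cache_dir(root: str, passes: int = 1, dry_run: bool = False) -> list:
    """Walk `root` bottom-up, wipe every regular file, and remove emptied
    subdirectories, leaving `root` itself in place.  Symbolic links are skipped
    so a planted link inside the cache can't redirect the wipe at other data.
    With dry_run=True nothing is touched; the returned list shows what would go."""
    wiped = []
    for dirpath, dirnames, filenames in os.walk(root, topdown=False):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            wiped.append(full)
            if not dry_run:
                wipe_file(full, passes)
        for name in dirnames:
            sub = os.path.join(dirpath, name)
            if not dry_run and not os.path.islink(sub) and not os.listdir(sub):
                os.rmdir(sub)
    return wiped


if __name__ == "__main__":
    # Constructed stand-in for a browser cache; point this at your real cache
    # directory (with the browser closed) once you have checked the dry run.
    demo = tempfile.mkdtemp(prefix="cache-demo-")
    os.mkdir(os.path.join(demo, "entries"))
    with open(os.path.join(demo, "entries", "image.jpg"), "wb") as fh:
        fh.write(os.urandom(70000))
    with open(os.path.join(demo, "index"), "wb") as fh:
        fh.write(b"constructed cache index")
    print("would wipe:", scrub_cache_dir(demo, dry_run=True))
    print("wiped:", scrub_cache_dir(demo, passes=2))
    os.rmdir(demo)
```

Run it with dry_run=True first and with the browser closed, since an open browser rewrites its cache as you go.  One caveat: in-place overwriting is dependable on a magnetic disk, but flash media and journaling or copy-on-write file systems may keep the old blocks elsewhere, so on those a whole-volume encryption product of the kind this blog recommends is the stronger defence.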

I can't promise these precautions will remove every trace of pornography from your PC that you may have unintentionally viewed.  Deleting a file normally just removes its directory entry; the data stays on disk until something overwrites it, and forensic examiners recover deleted files routinely, so a tool that overwrites files before deleting them does a more thorough job.  But these steps will go a long way toward proving that you had absolutely no intention of "possessing" child porn.

September 06, 2007

Surf the Internet…Go to Jail (Part 1)

Possession of child pornography is the kind of emotion-charged crime that can lead to overzealous prosecutions and court decisions.  Under the Bush administration, prosecuting child porn cases has taken center stage. And even if you've never viewed a child porn image in your entire life, you're at risk.

I'll explain why in a moment.  But first, I'll summarize some of the wacky legal theories the anti-porn crusaders have persuaded the courts to enforce.

For instance, if you take a photo of your own children running across a room naked, or taking a bath, you can be imprisoned for "aggravated sexual exploitation of a minor."  Your children can also be taken away from you by a child protective services agency to prevent further "exploitation." 

If you possess a magazine or video that contains photos of models in sexually suggestive poses that in the opinion of "experts" appear to be under the age of 18, you can be imprisoned for possession of "sexual exploitation of a minor." The models don't even need to be naked.  It may be sufficient that in the opinion of "experts," they appear to be under 18 and are in "sexually suggestive" poses for you to be found guilty.

That's true even if the publication contains a stipulation that "all models are over the age of 18."  To avoid prison, you may be required to prove each and every model is of legal age, by obtaining copies of their birth certificates, along with proof that they were over 18 when the photos were taken.

But it's on the Internet where the porn police are working overtime.  Merely viewing a sexually suggestive image of someone you can't prove is over the age of 18 can land you in prison.  You don't even need to save the image; all prosecutors need to do is prove that you viewed it.

How can prosecutors prove that you "viewed" the image?  All they need to do is to examine the "cache" files on your computer, where a copy of everything you view on the Internet is automatically saved. 

And here is where the real danger lies for the vast majority of us who have no desire to view child porn.  Every day, billions of spam messages promoting pornographic Web sites are sent to millions of e-mail addresses—perhaps yours.  If you view any of these messages, the images they contain will automatically be stored in your Internet cache.  In addition, many Web pages display pop-up messages that contain pornographic images, which are again automatically stored in your Internet cache.  Viruses and other "malware" that surreptitiously plant porn on your hard disk are another threat.  If any of these images are of people in sexually suggestive poses who appear to be under the age of 18, you could possibly be arrested.

How might police gain access to your computer?  Police can obtain your browsing records from your Internet Service Provider without demonstrating "probable cause" that you've done anything illegal.  If these records show you've visited pornographic Web sites, that may be enough evidence for a judge to issue a search warrant for your home computer.  But even without a search warrant, police can simply walk up to your door, and ask anyone who answers for permission to examine your computer.  From there, it could be a short step to arrest and possible imprisonment. 

In tomorrow's blog, I'll tell you how to protect yourself from the porn police...until then.

Copyright © 2007 by Mark Nestmann

September 04, 2007

Protect Your Phone Conversations