In light of Snowden revelations - have you changed?

Have you changed habits? How about software, or companies you do business with? What about services, and support?

For me, I've almost totally abandoned US-Corporate software;

Browser - Norway
Cloud - Netherlands
Antivirus - Germany
Malware - USA
Adware - Australia
Email Client - Romania
Password Client - Finland
Defrag - India
Email Host - Norway
Web Host - Lichtenstein
VPN - Singapore
Webmail (backup) - Netherlands

I do not believe I have ever practiced such avoidance. But more interestingly, my clients - in droves - are fleeing US-based tech companies, and half of my calls are for migration. In terms of Hardware I've dropped Juniper and Cisco altogether, and will no longer deploy them, much less use them personally. I'm not alone..

http://www.informationweek.com/clou...s-cloud-computing-survey-finds/d/d-id/1113385

http://www.huffingtonpost.com/2014/01/24/edward-snowden-tech-industry_n_4596162.html

PS: Has MBAM posted an official statement on Prism/NSA? I'd love to see it if they have...
http://www.informationweek.com/secu...ompanies-whitelist-nsa-malware/d/d-id/1112911

 

You do realize that 99% of what you read happens OUTSIDE your computer?
So the choice of software and even hardware really makes no difference.

That said, I haven't changed a thing. I have always been aware that anything I do online is automatically something I would not mind making it into the public domain, therefore, it's all good.

You might enjoy this:
http://www.dedoimedo.com/computers/nsa-surveillance.html

Cheers,
Mrk

 

no change at all.

i'm of no interest to the NSA.

 

Not really, still using all major services.

By the way:

https://www.wilderssecurity.com/showthread.php?t=353482

 

You are now!

 

No change, I was paranoid before Snowden revelations

 

I haven't changed anything at all- just thought about the implications more often.

To the OP:
As far as using only non-US corporate software;
if it makes you feel better, that's fine, but realize that all governments and corporations in (their) sphere of influence spy to some degree- for self-preservation if nothing else.

I'm resigned to the current state of affairs only because this intrusion by governments and business has been a reality for decades. We were born into it and have grown up in it with the only difference between today and sixty years ago is that it's much more pervasive and sophisticated now.

-So it comes down to measures that are more 'feel good' than effective.
My belief is that no software will render you anonymous from organizational intrusion if you are deemed a 'person of interest'.

I'm truly sorry to be so pessimistic. It's just the truth as I see it.

 

Yes I did. I wasn't aware that spying was going on to that extend. I have done the following:

OS for net browsing - Linux
Cloud - SpiderOak with no private information, Dropbox for pictures only.
Antivirus, Malware, Adware - all gone from my system
Webmail - Norway
VPN Service - US based but only to bypass school censorship
Software in General - all open source

I have became Microsoft Free. I still have gmail but Im in the process of getting rid of it. Otherwise I became 100% Google free. I still use iphone because I simply found no open source alternatives out there but it may change soon. As for iphone, I refused to get iphone 5S with fingerprint scanner. The salesman tried hard to enroll me into NSA-Apple fingerprint database but I refused.

This is more of my personal protest against the U.S. government and the corporations which complied without ever challenging the law. I don't think, anything I do on the net can be kept private. I don't even trust the VPNs and the Tor is not safe either and not suitable for daily web browsing. I also don't trust European based companies because I know they will bend over to the U.S. gov't as well.

 

Same here.

 

The Snowden revelations made me mad enough to set up a Tor exit node. I've also modified my Proxomitron filters to remove as much identifiable info as possible.

I've been forced to choose between having my income deposited in a bank account or having it put on a debit card. They no longer issue checks, supposedly to cut costs. Partly in response to mass data collection in general and partly for personal reasons, I closed my bank accounts and do no business at any bank. I withdraw all of the money from the debit card on the day it's added and use cash whenever possible.

 

I do not believe in software/service discrimination solely due to its country of origin. The probIem is the law and how things are done...that must be solved by the relevant agencies and authorities.

I choose NOT to boycott corporations like Microsoft and Google...partly out of necessity and convenience; partly due to me understanding the reasons why they choose to proceed with certain actions despite concerns of user privacy. I may not necessarily agree with the actions or reasoning themselves but I am not going to blow things out of proportion either.

Call me a pragmatist. I love ideals but I do not make my decisions to fit them.

 

Ditto.
And I suspect the more foreign services you use, the more interesting you are, and the higher likelihood your communications could be mapped.

 

Exactly. I use a lot Google services specifically because I do certain things that are legally required to be publicly accountable. and if called into question, Google is great for leaving a clear record.

I've actually been dealing with local, state and federal government for the last few years and I've found the federal government to be the least open and transparent. On the state and local level, there are officials who are not transparent on a personal level but in the federal government , there is a cultural and institutional tendency towards secrecy.

I have only tweaked a couple of things due to the Snowden revelations on the technical level but they have been very interesting to me due to my personal experiences in dealing with the federal government on matters that had nothing whatsoever to do with counter terrorism.

 

A waste of time... if they need to access to your data they will regardless of the software you use

 

No change here either.. There is basically nothing you can do that makes any difference anyhow. If they want your machine, or your data, you can't stop it. Period..... To think that you can is naive...

 

Have I changed? To some extent, yes.


1. I still use the major free emails (Google, Yahoo, Outlook/Hotmail, AIM), but for my most important correspondences (if I don't want the emails stored on one of their servers) I make extensive use of my @carrier.blackberry.net email. Not sure if that means those emails are on BlackBerry's servers or Sprint's servers, but at least I might have some cause to complain because the email address is part of a paid service. And yea, of course someone could intercept the emails I send from that address, and my recipients might just be handing them to Google, yahoo or anyone else anyway, but at least I did my part by giving it some thought and tried to minimize the exposure.

2. I keep my webcam covered unless I want to use it.

3. I keep a wire that goes nowhere plugged into my laptop's microphone jack.

4. I'm still not a facebook or twitter user. I won't voluntarily and knowingly hand photos of my loved ones (or other personal details like calendar data) to those corporate, social whores.


I was never so deluded to think my unencrypted communications weren't exposed, but the security of the data I store on my devices is very important. I know that with my BlackBerry, it's unlikely that anyone who finds, steals, or confiscates my device under color of law will be able to decrypt my data even if he successfully performs a chipoff and accesses the data from the device's memory. That's a big deal, and it's enough for me at this point.

 

I agree that if they are after you, there is virtually no possibility to escape. However, minimizing your online footprint makes a big difference when it comes to the "mass" aspect of the surveillance (where you are not a specific target).

 

No, not at all

 

I´ve changed my email adress from Gmail to Runbox (Norway)

 

I've made no change in my security setup or practices.

hqsec

 

Not using any American browser, AV, or mail service.

 

Runbox is good. I used Mutemail, then Countermail, now I am with Neomailbox.ch, but changing to something else pretty soon. I tend to 'cycle' through jurisdictions, and providers. Part of the reason is I actually AM of interest to the NSA, but at the very least the clients I do work for are. I've done computer/IT work for a few 'important' folks in this city with reasons to be concerned, helping them lock down their gear, etc.. I'm a bit paranoid for a reason.

However, consider that much of these changes are more of a form of PROTEST for companies supporting, or allowing, or answering to the NSA. In some cases working with them without a fight, or aiding them to violate the constitution. Let's face it, do you want to reward Norton, or AT&T when they sold you out? I surely don't, and taking your cash/business outside of this country is one way to protest. By the looks of it, a whole lot of companies are choosing to do this - for their own reasons, security included.

Also I consider what I do today 'insurance' from an uncertain future. That is, do you want someone knowing everything about you in the distant future without knowing the impact this information can have, or how it is used? That's a dangerous thing to ignore. Everyone has skeletons in their closet, no exceptions to that - guaranteed. The question is - you cannot be 100% sure you aren't of 'interest' to anyone, and you cannot be 100% sure you won't become interesting to someone. Are you willing to accept that risk?

Consider this - the DHS now considers anyone stocking food, interested in survival, or having bugout bags as a 'potential' terrorist. Now they consider anyone interested in health food, environmental issues, and conservation as a potential adversary. How long before the categories to 'monitor' expand to encompass you? I can tell you with certainty the NSA monitors this, and virtually every other popular forum, can you be certain you won't get triggered for an automated meta session? Nope.

Therefore, why not take precautions, and limit risk, and information leak? Seems prudent, and intelligent to act in such a way without becoming over the top about it. For me, I am more focused on localized protection. Encryption of drives, files, directories, databases. Locking down operating systems, and reducing leakage. Assuming you feel you cannot do anything about what is 'out there' (which you actually can), at the least everyone should be marginally aware of what they can do localized wise.

Snowden revelations only made me more secure, more anonymous, and more privacy aware. I already was prior to the revelations, but after them much moreso than ever before. It's helped my family, and best of all my clients to become more secure, and to take what I tell them seriously. Now when I tell people to not use Gmail, and to Encrypt, they listen - before getting them to listen was problematic at times. Anyone still doing what they were doing before isn't playing the game smartly, and I continue to be stunned at the number of people using Yahoo type mail services still. Absolutely amazing.

 

I don't disagree with you. Even in-house solutions don't offer a absolute guarantee that the government won't exploit some vulnerability, MITM your connection, install some sort of backdoor, or simply move to obtain physical access with or without your consent. Avoiding the surveillance state in the physical world is equally challenging. Isolation and bartering might help keep you off their radar, but if they wanted the information there are a whole bunch of legal/illegal ways to get it.

Since the Snowden revelations, I have tried to educate family and friends, but haven't had to terribly change to much. If they decide to invade my privacy and trample on my rights, then I might as well make the process as painfully time consuming as possible. It's not like most of us have something that we honestly need to hide. I think for most of us, this is more about principle than anything else. To each their own.

 

Tin hat mode:

You might think you are of no interest to the NSA, but as no-one but them know the criteria they use, you don't know. And that is ignoring the possibility that you could become a person of interest for no good reason (human/machine error).

 

Not really, haven't seen anything that surprised me from the Snowden revelations.