Category: Security

Phone Encryption

It’s been a while. We were hit with a particularly nasty virus, and we suffered it sequentially, so it took a good three weeks to clear the house. And another week or two to recover.

But! I succeeded in encrypting my phone over the weekend.

I had this on my list for locking down my private data, but put it off because it seemed daunting. At least, the email encryption was a task, and I wasn’t ready to tackle the next one.

James mentioned something about wiping his phone and I said, “Yes! I want to do that!”

My phone is a mess. This seemed like a good time to start over.

James wiped the phone for me, but it’s a very simple process. This is for an Android phone, which is what we have:

Back up your data. I use Google (which is another can of worms on the privacy front), but there is also an Android app you can use, which I believe James does.

Go into Settings. Find Backup and Reset (under User and backup). Choose Factory data reset.

If you are really paranoid, you can then load “dummy” data (photos and files), and wipe it again, repeat until you feel secure, so that your “real” data is hidden under layers of dummy data. I did not do this.

When the phone starts up again, you can choose from a list of apps to reinstall, if you’d like. If you reinstall at this stage, your data will be reinstalled with them.

Once you have everything (or nothing) restored, you can encrypt.

I did find one site that recommended encrypting before wiping, so that anything that was left after the wipe would be unreadable to prying eyes. I didn’t do that.

To encrypt, go into Settings. Under System, choose Security. Under Encryption, choose Encrypt Phone.

Your phone has to be charged and plugged in to encrypt. The popups warn it will take an hour. With my newly wiped phone with several apps reinstalled, it took less than 20 minutes.

Once that is done, go back to Settings –> Security –> Encryption and choose Encrypt SD Card. Again, it warns you this might take an hour. Mine was empty; it took about 30 seconds.

Now that your phone and SD card are encrypted, you should probably set a password on your lock screen (Settings –> Lock screen) and choose secure start up (Settings –> Security).

And that’s it. Super simple.

 

Encryption Achieved

I’m proud to report that I am now able to send encrypted emails. Woo!

It was not quite as simple as I thought it would be.

I went back to the step-by-step guide at Email Self-Defense. I can follow a tutorial, I thought. How hard can it be?

As I wrote about before, I had already set up Thunderbird and cleaned up my Gmail account so that I could reasonably use it. I have even started to open my email in Thunderbird instead of in a browser window. Progress!

So now I’m ready to install the plugin and create some keys and get rolling.

But first: I realized that my Gmail account was pretty insecure to start with. I have recently changed my password (I think mainly due to not being able to remember it on a new device), and so now I decided to set up two-step authentication as well.

Two-step authentication means that you will basically need to enter two passwords when accessing your account from a new machine. The first is the regular password you set up on your account. The second is generally a code sent by text message to your phone. I had never set up this feature because I live in an area where cell service is not a given in all locations. For example, I don’t have cell service in my office. I do, however, now have reliable cell service in my house.

But when I go back to work in the new year, I will have to go through the two-step authentication to access my Gmail there. Luckily, Google gives you the option to save a few static codes, each of which can be used once to access your account. I saved those to a flash drive that I can bring with me.
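The one-time backup codes described above, as an added Python example (not part of the original post, and not Google's implementation): it shows how a service can issue a set of static codes, store only their hashes, and accept each code exactly once. The function and class names, the code length and the hashing parameters are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import secrets


def generate_backup_codes(count=10, digits=8):
    """Return `count` distinct numeric codes drawn from the OS CSPRNG."""
    codes = set()
    while len(codes) < count:
        codes.add(f"{secrets.randbelow(10 ** digits):0{digits}d}")
    return sorted(codes)


class BackupCodeStore:
    """Server-side view (hypothetical): keeps salted hashes, never the codes."""

    def __init__(self, codes):
        self._salt = secrets.token_bytes(16)
        self._unused = {self._digest(code) for code in codes}

    def _digest(self, code):
        # Users often type codes with spaces or dashes; ignore both.
        normalized = code.replace(" ", "").replace("-", "")
        return hashlib.pbkdf2_hmac(
            "sha256", normalized.encode("utf-8"), self._salt, 100_000
        )

    def redeem(self, code):
        """Return True once per valid code; any reuse or wrong code is False."""
        candidate = self._digest(code)
        match = next(
            (stored for stored in self._unused
             if hmac.compare_digest(stored, candidate)),
            None,
        )
        if match is None:
            return False
        self._unused.remove(match)  # burn the code so it cannot be replayed
        return True

    def remaining(self):
        return len(self._unused)


if __name__ == "__main__":
    issued = generate_backup_codes()
    store = BackupCodeStore(issued)
    print("first use: ", store.redeem(issued[0]))
    print("second use:", store.redeem(issued[0]))
    print("codes left:", store.remaining())
```

Because each code is a standing second factor until it is used, a saved copy (such as the flash drive mentioned above) deserves the same care as the password itself.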

While I was at it, I did this with my Facebook account as well.

Phew. Much more secure.

But, oh no, now Thunderbird can’t access my Gmail account. Now I have to create an app password for Thunderbird that acts in place of the two-step authentication. Okay, I got that, no big deal.

Here’s where I made my first misstep: When you create the app password, Google tells you that you will not need to keep this password anywhere, you only need it the one time, never fear. So after I entered the password, I closed the window and forgot about it.

Except, when Thunderbird asked me if I wanted to remember the password with a password manager, I said no.

I’ve tried to make it clear from the beginning of this journey that I really know almost nothing about security and encryption and all that, and that I am documenting my experience so that others who know almost nothing can get encrypted as well. Here’s where that lack of knowledge shows itself.

There is such a thing as a password manager. A password manager is a separate software program that keeps track of your passwords. You create a strong password for the app, and then you have access to all your passwords for all the various websites and accounts you need to log into on a regular basis. Instead of having to remember 13 different strong passwords (or, much worse, using one password for all of your accounts), you only have to remember the one to get you into the password manager. Most of these apps also have the ability to generate random strong passwords for you to secure each of your individual accounts.

So when Thunderbird asked me about saving the password in a password manager, this is what I thought it meant. I don’t currently use a password manager, so I said no.

Whoops. Really, Thunderbird wanted to know if Thunderbird should remember the password. I should have said yes. If you’re following along at home, say YES to remembering the password in Thunderbird.

Now that I had my two-step authentication all cleared up (I thought), I started following the steps to set up Enigmail in Thunderbird. The steps in the Email Self-Defense tutorial are pretty straightforward and easy to follow.

Except I had to keep generating new app passwords for Thunderbird, which was really annoying.

And then I got to the end of the tutorial and tried to send an encrypted test email to the bot, and it failed.

It took me about two hours at night, after the children were in bed, to get this far. At this point, I threw my hands in the air and gave up.

“Don’t give up!” James said.

Fine, I won’t give up, but I’m not looking at this any more tonight.

Well, it was more like a week before I got back to it. My brother was in town for the holidays, and I asked him to help me troubleshoot. We found that I had chosen to send to “only trusted keys” instead of “all available.” We changed that, and everything magically worked.

Okay, fine, it’s not magic. But it worked! Billy and I sent a couple of test emails back and forth. He showed me the gibberish of the unencrypted message on his phone. Cool.

But, here’s the rub: You can only send encrypted messages to someone who is also enabled to send and receive encrypted messages. Well, I guess you could send them to everyone, but only people who have set up encryption will be able to read them.

Which means, at this point, that I can talk to my brother and a bot named Edward.

There is an option in Thunderbird, when you send an email, to attach your public key. Billy said this is how people will know that you can send and receive encrypted emails. Possibly this is also a way to raise awareness about encryption as an option.

But, hooray! Encrypted!

Big Brother Really Is Watching

Allow me to take a little side street on this journey toward encryption. It came to my attention this week that the American Civil Liberties Union is taking the NSA to court over its practice of intercepting, copying, and searching pretty much all of the Internet traffic that leaves America and heads abroad.

Yeah, apparently this is a thing that happens. Constantly.

How is this possible? Don’t we have a Constitutional amendment that protects us, as U.S. citizens, from unreasonable search and seizure? Wouldn’t any reasonable person agree that a search with the scope of “every email sent outside of the United States” counts as unreasonable?

Well, here’s what happened:

Back in 2001, a group of terrorists hijacked planes and flew them into the World Trade Center in New York. More than 3,000 people died. And all of America was terrified.

According to The New York Times,

Months after the Sept. 11 attacks, President Bush secretly authorized the National Security Agency to eavesdrop on Americans and others inside the United States to search for evidence of terrorist activity without the court-approved warrants ordinarily required for domestic spying, according to government officials.

Under a presidential order signed in 2002, the intelligence agency has monitored the international telephone calls and international e-mail messages of hundreds, perhaps thousands, of people inside the United States without warrants over the past three years in an effort to track possible “dirty numbers” linked to Al Qaeda, the officials said. The agency, they said, still seeks warrants to monitor entirely domestic communications.

The New York Times goes on to point out that this marked a dramatic shift in the scope of operations of the NSA. Up until this point in 2002, the NSA only monitored foreign communications and threats. For the first time, the NSA was spying on Americans. The only thing that makes this a little more palatable is that the NSA insisted it was only monitoring about 500 people domestically and a few thousand abroad. So, at the very least, these were at least semi-targeted searches.

Another consequence of the 2001 terrorist attacks was that Congress began tinkering with a 1978 act, the Foreign Intelligence Surveillance Act (FISA). FISA is the legislation that allows the NSA to monitor telecommunications of suspected agents of foreign governments. The NSA can apply to a special FISA court for permission to spy on overseas agents.

The first amendment, The USA PATRIOT Act, came right on the heels of 9/11, and expanded the definition of “foreign agents” to include individuals working for an overseas group, such as al Qaeda, that is not explicitly affiliated with a foreign government.

And thus ensued much debate over the provisions of the amendments. One of the most interesting arguments to come out of this legislation is the idea that the telecommunications companies that must be complicit with the government in the surveillance deserve protection from lawsuits brought by those being surveilled.

In 2007, President Bush again asked Congress for more power to spy on Americans, urging them to pass the Protect America Act allowing the U.S. government to bypass the FISA court when seeking to monitor communications in which the originating party is not in the United States. Even if that foreign person is talking to an American citizen who is sitting in Iowa. Congress obliged, giving the NSA and other government agencies the ability to spy on innocent Americans in pursuit of terrorism, as long as they believe that one party is physically located outside the United States.

But this act only lasted for six months. So Congress had to approve another amendment to FISA if any of these provisions were to become permanent.

So they did.

In 2008, Congress passed the FISA Amendments Act (FAA). Some interesting bits:

  • The FAA permits the government not to keep records of searches, and destroy existing records (it requires them to keep the records for a period of 10 years).
  • The FAA grants telecommunications companies immunity for cooperation with authorities.

But don’t worry. There are some protections in the act, too. Like, if the NSA was spying on an American citizen who lives abroad, and that citizen returns to the States, the NSA has to stop spying on them while they are in the country. But the NSA can resume surveillance as soon as they are “reasonably” believed to have left the country. Also, the NSA is forbidden from spying on a foreign person in contact with an American with the sole purpose of spying on the American.

I feel a lot better about all this, don’t you?

The FAA was set to expire in 2012. President Obama took office in 2009, and we all breathed a sigh of relief, because surely he wasn’t into spying on Americans the same way President Bush was.

Except. Not quite.

In 2012, Congress approved a 5-year extension of the FAA, and President Obama signed it.

One positive outcome was that a young man working for a contractor for the NSA became concerned that the government was abusing the power granted it through the FAA, which was used to justify mass surveillance programs. Edward Snowden leaked classified documents to journalists that detailed the extent of the NSA’s surveillance.

(Wired ran a fascinating interview with Edward Snowden from his exile in Russia in 2014.)

That’s the — very much abridged — history. To sum up, the NSA has been laying the groundwork for massive surveillance programs through executive orders, legislation, and litigation for over a decade.

The most recent ACLU lawsuit specifically addresses what is known as “upstream” surveillance by the NSA.

“Upstream” describes the way the NSA has parked itself on the Internet to intercept all the traffic that flows through it. Not just the metadata (information ABOUT a message rather than the content of the message, like the date it was sent and who sent it), which the NSA claimed previously was all it was collecting under its mass surveillance programs, but the actual content of the messages moving from America to foreign persons. Also, if the communication was between two Americans, but it passed through a foreign server, it is also subject to collection. And, remember, back in 2002, the NSA WAS monitoring the domestic communications of Americans. They said they have stopped.

Wikimedia (which runs Wikipedia, to which I have linked extensively in this post) is the main plaintiff in the case, arguing that the NSA is violating the First (privacy) and Fourth (unreasonable search) Amendments with this program.

To bring this side trip back around to the point, this is exactly why all Americans (and probably all people of Earth) should take steps to encrypt their communication. Although the average citizen’s most private emails might not be more provocative than the details of a surprise birthday party, there are many institutions and individuals doing really important work (Amnesty International, for one; journalists covering foreign affairs for another) that would fall subject to this upstream surveillance. Imagine the need for privacy for communications centered on obtaining asylum for a political refugee. And then realize that you can help protect that refugee by making encryption routine.
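The metadata/content distinction drawn in this post, applied to an encrypted email, as an added Python example (not part of the original post): it parses a message the way anyone handling it in transit could and separates what stays readable from what the encryption hides. The message, addresses and function name are constructed for the illustration, the armored body is a placeholder rather than real ciphertext, and the sample assumes a mail client that leaves the Subject header unprotected.

```python
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample: an inline-PGP message as it would look on the wire.
# The body between the armor lines is a placeholder, not real ciphertext.
RAW_MESSAGE = """\
From: Alice Example <alice@example.org>
To: Bob Example <bob@example.net>
Date: Mon, 02 Jan 2017 20:15:00 -0500
Subject: Surprise party plans
Content-Type: text/plain; charset=utf-8

-----BEGIN PGP MESSAGE-----

PLACEHOLDER-NOT-REAL-CIPHERTEXT
-----END PGP MESSAGE-----
"""

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"


def split_observer_view(raw):
    """Return (metadata, body_encrypted) as seen without any private key."""
    msg = message_from_string(raw)

    # Headers are needed for delivery and are not covered by body encryption.
    try:
        sent = parsedate_to_datetime(msg.get("Date", "")).isoformat()
    except (TypeError, ValueError):
        sent = None  # missing or malformed Date header
    metadata = {
        "from": parseaddr(msg.get("From", ""))[1],
        "to": parseaddr(msg.get("To", ""))[1],
        "date": sent,
        "subject": msg.get("Subject"),
    }

    if msg.get_content_type() == "multipart/encrypted":
        body_encrypted = True  # PGP/MIME container
    elif msg.is_multipart():
        body_encrypted = False
    else:
        # Inline PGP: the whole text body is one armored block.
        lines = msg.get_payload().strip().splitlines()
        body_encrypted = (
            bool(lines) and lines[0] == ARMOR_BEGIN and lines[-1] == ARMOR_END
        )
    return metadata, body_encrypted


if __name__ == "__main__":
    meta, encrypted = split_observer_view(RAW_MESSAGE)
    print("readable in transit:", meta)
    print("body is ciphertext: ", encrypted)
```

Even with the body encrypted, who wrote to whom and when remains visible, which is why metadata collection matters on its own.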

Managing Ridiculous Email Inboxes

I want to get back to my journey toward encryption.

When last we discussed it, I was in the process of moving my Gmail account to the Thunderbird client as the first step toward encrypting my email communication. The roadblock I encountered was the sheer number of messages in my Gmail account, which Thunderbird began downloading to my computer. Thunderbird doesn’t have the nifty tabs (Promotions, Social, etc.) that Gmail created and that I spent time training Gmail to use the way I want it to. So everything was getting dumped right into the inbox.

Eek.

With help from my handy husband, James, we managed to clear out the bulk of the old stuff. Remember, I opened this email account in 2006 or so, and had never deleted a significant number of emails.

First, we went back to Gmail in my browser and did a search for email within 1 year of a given date. I think we started with 1/1/2006.

In the search bar, click the arrow to get a more advanced search box. Then you can change the drop down at the bottom to “date within 1 year of XX.”

Now I can archive all of these messages, get them out of my inbox, and Thunderbird won’t download them (alternately, you can spend time deleting them en masse, if you’d prefer).

This still resulted in tedium (I really had THAT MANY messages in my inbox), so James had the idea to search on “unsubscribe” instead of the date range. This did capture all of the mass marketing emails, or, at any rate, enough of them to make a difference. Sent to the trash!

You also can use this advanced search box to create a filter, if you don’t want to delete or archive all these messages, but you also don’t want them all in your Thunderbird inbox. A filter will also help keep new messages under control. I get more than 50 Promotions messages a day (yes, I’ve started using that “unsubscribe” link on some of them).

For example, you can search for all messages in the Promotions tab, and click “Create a Filter with this Search” (at the bottom right of the dialogue box).

You now have several options: Archive all the messages, forward them to another email address, delete them, label them. I chose to categorize them as Promotions. This created a folder, which Thunderbird can see and display, where all my Promotions emails are now being sent.

An interesting side effect of this filter is that I no longer see these emails in my Promotions tab when I go to Gmail in a browser. So far this is working out just fine. (They do show up in the new Promotions folder, way down the list on the sidebar, so I can find them in a browser if I want to.)

I chose to allow those messages that Gmail splits into the Social tab in my Thunderbird inbox. I don’t get an overwhelming number of those on a daily basis, and I’ve intentionally sent a few specific daily emails there because I don’t necessarily want them in my inbox, but I don’t want them lost in Promotions, either. We’ll see if I find this annoying after a while.

Now the flow of incoming messages to Thunderbird is something approaching reasonable, and I can go and look at all the sale flyer emails I get when I feel like looking.

This is a sidetrack on the way to securing my emails. Thunderbird is going to be the software that allows me to send secure messages, but I had to make it usable before I could set up security.

(And I have to adjust my habit to actually start using it as opposed to the browser, but that will come with time.)

Privacy in the Internet Age

I want to talk a little bit about privacy and security online. It’s becoming clear to me that part of my drive to write again is that I am suddenly afraid that my right to publish a blog in which I speak freely about my opinions on the government (or anything, really) is not guaranteed.

So I have begun to think about online security.

Security and privacy are things that we should all be concerned with, as my husband and my brother have been saying to me for years. I, however, have fully embraced a public identity on the Internet. This is where society is heading, I reasoned. We don’t hide behind usernames anymore. My Facebook account has my real name on it and I use it professionally as well as personally. Even this website is under my real name. I am not concerned with people knowing who I am.

What I am coming to realize, however, is that using my real name on the Internet and having concerns about privacy and security are not mutually exclusive.

I’ve begun to think really hard about which aspects of my online life to secure, which aspects to alter, and which aspects to give up.

It’s giving me a headache.

A big part of my problem in grappling with these issues is that I just don’t know enough about how the tech works. I know there are secure apps, like Signal, for certain functions, like text messaging. My brother (Hi Bill, now you’re not anonymous!) switched over to Signal a while back and asked that I use it to communicate with him. Since it was important to him, I did. He and my husband are my only contacts on it.

Last week, however, I was reading the August 2016 issue of Wired (I know, I’m behind on my reading), which has a profile on Moxie Marlinspike, the man who is responsible for the tech Signal uses to encrypt text messages. This is where I started my research. It is fascinating but still really confusing to me.

I mentioned to Bill that I was starting to be interested in this subject, and he sent me to Email Self-Defense at the Free Software Foundation. The step-by-step tutorial seems easy enough to follow. And I can still use my Gmail account!

Inspired, I decided to download Thunderbird on the machine I use for my work. But I couldn’t, because my husband (whose public-facing website doesn’t reflect who he is and what he does because he’s been helping me so much; thankyouIloveyou) is running Linux on this machine and he needed to run a command to install a new app, and we are now over my head on the technical end again.

Side Note: I am frustrated by my lack of knowledge of how computers actually work. I can navigate software pretty well, and I know my way around a database and am familiar with some very basic web design elements, but I get out of my depth very quickly. I am trying to catch up. I keep thinking about the organizers of the Arab Spring, who came up with creative solutions to access the Internet when the government cut it off, and I know that, with my current knowledge base, I would be absolutely isolated if I suddenly lost access to my Comcast account. At the moment, I have relatives who would be able to help me out, but I feel the need for more independence.

Anyway, we got Thunderbird installed and connected to my Gmail. James announced it was downloading 100,000 messages.

Whoops.

I set up my Gmail account way back when it first launched, sometime around 2004 or 2005. I think I had to be invited to set up an account. And the primary draw for me was that Gmail offered so much storage, I didn’t have to worry about deleting messages. At the time, I was working in research, and I had a significant number of news alerts set up, so it was nice to not have to worry about cleaning out my inbox on a regular basis.

I have never been in the habit of deleting email in this account.

Now I find myself stuck for a bit, as I have to do some significant cleanup before I can reasonably use Thunderbird, and contemplating why I’m putting myself through this exercise anyway. (I intend to detail for you how we managed to wade through this mess, but that will be a separate post.)

I am aware, mostly because of James and Bill, that our Internet freedoms are under assault from a government that feels threatened by encrypted phones. And that the rules about how the government can access encrypted information could be changing soon. We should all be very concerned about this.

A standard argument is that, if you have nothing to hide, you don’t need to encrypt your daily messages. This is the same reason police give for performing searches of homes or vehicles without a warrant. It doesn’t matter that you actually have nothing to hide; it matters what a prosecutor can prove in court. Everyone (I hope, after watching Law & Order for a decade or so) knows not to consent to a search without a warrant.

It’s the same thing with encrypting your messages, text or email. Just because you have nothing to hide doesn’t mean the government has the right to read them.

Also, the more people who encrypt their messages, the harder it is for the government to listen in. They might have no interest in your emails, but they might be very interested in your neighbor’s, who is organizing an important protest, or preparing to become a whistleblower. Encryption in and of itself is not an admission of guilt, and the more people who are encrypted, the more encryption will become standard.

You owe it to the whistleblowers of tomorrow to encrypt today.

If you didn’t click the link above, here’s the gist of the proposed rule change:

The Supreme Court on Thursday approved a rule change that would let U.S. judges issue search warrants for access to computers located in any jurisdiction despite opposition from civil liberties groups who say it will greatly expand the FBI’s hacking authority.

U.S. Chief Justice John Roberts transmitted the rules to Congress, which will have until Dec. 1 to reject or modify the changes to the federal rules of criminal procedure. If Congress does not act, the rules would take effect automatically.

Magistrate judges normally can order searches only within the jurisdiction of their court, which is typically limited to a few counties.

We have only until Dec. 1 to register our opposition to this rule. I called my Congresspeople last week to register my support for their opposition to Steve Bannon having anything to do with government (I have really awesome Congresspeople). This week I will call to urge them to oppose this rule change. Call your Congresspeople. It is easy and even kinda fun. The staffers who answer the phones are very polite, and it’s their job to bring your comments to your Congresspeople.

I will continue to document my experience with becoming more encrypted. It’s clear to me now that it’s more of a project than I initially anticipated.

And if you have my cell phone number and want to switch to Signal, let me know.

 

© 2024 Jennifer LK Clark
