Ever since Edward Snowden leaked information on mass state surveillance of internet communications by spy agencies like the NSA (the US National Security Agency), the CSIS (the Canadian Security Intelligence Service) or the GCHQ (the British Government Communications Headquarters), the world has been abuzz about the intersection of technology, privacy, and freedom in the digital world. And while many are aware that the governments are involved in surveillance and data mining, I imagine most would think they are too small a fish to be spied on, or worse yet – assume the “I’ve got nothing to hide” argument.
As a close friend of Mark’s and a strong believer in freedom in all its forms, inspired by Mark’s fortitude to serve the common good even at a cost of his own personal freedom, well being and even life, I spent much time coordinating Best Gore’s behind the scenes operations and preparation of counter offensives against the Canadian psychopaths who seek to destroy the free flow of content and ideas on the internet. It is for that reason why you may have heard of me, but wouldn’t have seen me around much.
I can’t however take all the credit myself, as several people have contributed and continue to offer unconditional support for the just cause. To name just a few from among those you see on Best Gore, I’d like to especially recognize acneska, nastypersuasions and McTreblar (in no specific order).
Needless to say, because we are all spread out across the world, we rely on the electronic modes of communications to stay in touch with one another and effectively coordinate our team work. After a while, however, we started to suspect that our communications are being monitored.
In this post, I will tell you how we had it confirmed with 100% certainty that all our incoming and outgoing email communication is being spied on, and will also offer a few simple tips that anyone can do to prevent the government from knowing about your every step before you even take it. And while none of what I’m going to suggest is a secret – to the contrary it’s perused often by privacy minded people – you won’t find many (if any) mainstream media outlets bringing it to the people’s attention. They must not want you to keep your private life private. I wonder why…
I will avoid getting too technical and will only focus on easy things to do so anyone, including the non technical types can take these steps to help safeguard their privacy on line and protect conversations with one another from eavesdroppers.
As a disclaimer, I would just mention that this will not be an exhausting guide to privacy and I can make no guarantees that by following these simple tips your privacy would be unbreakably secured. They are likely to protect your communications, but governments including the U.S. and Canadian have made progress in breaking or circumventing some cryptographic technologies and because they are inherently secretive, we plain and simple do not know what their capabilities are.
But because I suspect many of you may have been tricked by the corporate media to adopt the (extremely dangerous) “I’ve got nothing to hide” mindframe, let me address this first.
The “Nothing to Hide” Argument
In its December 16, 2005 article published by the New York Times titled “Bush Lets U.S. Spy on Callers Without Courts: Secret Order to Widen Domestic Monitoring” by James Risen and Eric Lichtblau it was revealed that the Bush Administration secretly authorized the NSA to engage in warrantless wiretapping of American citizens’ telephone calls. This event started the tsunami of mass surveillance.
Communication surveillance however is not the worst of thing. The real danger lurks in the rather innocuous sounding “Data Mining”. Data Mining involves what the government refers to as analyzing personal data for patterns of suspicious behavior.
On May 11, 2006, the USA Today published an article by Leslie Cauley titled “NSA Has Massive Database of Americans’ Phone Calls” which was reported to be the largest database of customer records in the world.
Then on June 23, 2006, the earlier mentioned Eric Lichtblau and James Risen reported in an article titled “Bank Data Sifted in Secret by U.S. to Block Terror” published by the New York Times that the U.S. government had been accessing bank records from the Society for Worldwide Interbank Financial Transactions (SWIFT), which handles financial transactions for thousands of banks around the world.
It was after this revelation when people finally started to question the government’s data mining practices, however they were quickly shut down by the complacent ones who struck back with “when the government engages in surveillance, it is no threat to privacy unless you are involved in unlawful activity, in which case you have no legitimate justification to claim that it remain private.”
This type of thinking was beaten into people’s heads by the governments who used it to justify the installation of millions of CCTV cameras. The program in Britain was launched with a campaign based on the slogan declaring that: “If you’ve got nothing to hide, you’ve got nothing to fear.”
That you’ve got nothing to fear if you’ve got nothing to hide is however a ridiculous argument, as it’s based on the underlying assumption that privacy is about hiding bad things. Even if you truly have “nothing to hide’ legally, you’re still a private person with the right to the sovereignty of your individualism, personhood or autonomy. Everyone has thoughts and emotions they don’t want the society to intrude upon.
Surveillance can create chilling effects on many freedoms, including freedom of speech, freedom of association, etc. Even if people only engage in legal activities, sole knowledge that all these activities are under active surveillance can inhibit these people from engaging in them. Chilling effects can reduce the range of viewpoints expressed and the degree of freedom with which the people engage their activities.
An even more frightening concept of data mining is the fact that none of us knows how all this data is used. None of us has access to the data that’s been collected about us, nor what the system has profiled us as based on the data collected. The sole fact that the very existence of data mining was kept secret for years is telling. And even now, we are told little about how long the data will be stored, how it will be used, and what it could be used for in the future. From that standpoint, it is impossible to assess the dangers of the data being in the government’s control.
Murders of Rebecca Shaeffer and Amy Boyer further prove that there are dangers to mining data of people who “have nothing to hide”. Rebecca Shaeffer was an actress killed when a stalker obtained her address from a Department of Motor Vehicles record. Amy Boyer was murdered by a stalker who obtained her personal information, including her work address and Social Security number, from a database company.
How We Found Out with 100% Certainty That Our Email Conversations Are Spied On
That Canada is a very dangerous place to live in we found out very early after Mark’s arrest. While protection of the right to freedom of speech is virtually nonexistent and attacks on journalists which resulted in scores of them bankrupted and in complete ruin are more frequent in Canada than in any other first world country, making Canada an absolute hell hole for reporters who dare inform the public about the truth, Canada also stands out like a sore thumb from many other jurisdictions, including the United States, by having no constitutional protection of the solicitor-client privilege.
We observed that hearing after hearing, the enemy (the Canadian government represented by its henchmen in form of the prosecutors, police and judges) appeared to constantly have an advanced knowledge of Mark’s strategy and plans for defense. Whereas in democratic countries the accused has the right to privacy within which to prepare the case and plan strategy without undue interference, we found that in Mark’s case, this democratic right is not respected at all.
To determine whether this is just us imagining things, or whether all Mark’s electronic communications, as well as all electronic communications of the rest of us who have been assisting Mark with his defense against the enemy are indeed spied on, we put them to a little test.
For that, we used the .onion based self destructing messaging service called SMS4TOR (I’ll explain what it is and how it can help protect your privacy in the following paragraphs).
Server that houses SMS4TOR is hidden behind the TOR proxy wall and is therefore untraceable by normal means. An untraceable server cannot be gotten into by authorities because they have no means to know where the server is located or who it is hosted with. SMS4TOR also stores messages in an encrypted form so even if someone did manage to hack into it, all they would find would be sequences of characters that doesn’t make any sense without a decryption key. To crack an encrypted text with brute force is possible if the password is weak, but it would still take a very long time (months or years).
The way this service works is that you write a message and when you’re done, it gets encrypted and you are provided with a link containing the decryption key. Once the decryption key is used, the message self destructs (gets securely deleted from the server), therefore each message can only be read once. In other words, the moment the content of the message is displayed on a screen is also the moment it is destroyed. Any subsequent attempt to access it again will fail for that message no longer exists. As such, if you send a message to someone and they read it, you know for sure they were the only person in the entire world who read it. Nobody else but you who wrote it and he/she who read it will know what was in it, unless you decide to share.
In a perfect world, email communication would flow between intended parties without being spied on, so if you emailed a decryption key to the one person you want the message to be revealed to, they would use the decryption key they got in the email, and use it to reveal the message as it self destructs. But if your email communication is spied on and the spy really wants to know what you wrote, they would feel pretty upset if you used self destructing messaging system as that presents them with but two options:
- Never find out what you wrote
- Find out what you wrote, but reveal to you and your contact that your email communication is spied on
In our case, the spies who monitored our email exchanges were way too eager to know what we wrote so for them, giving us the 100% proof that our email communications are spied on was less important than not knowing what was in the self destructing messages we exchanged.
I first sent a self destructing message from my @bestgore.com email address to a supporter with a Gmail. By the time he opened it a few hours later, it had already been self destructed, which means it had been read by someone else. I then did the same with another supporter with different mainstream email address and the outcome was the same.
I then sent an email from an @bestgore.com email address to a @mail.ru based email address (servers in Russia) which I have access to. It was once again read by a spy. However when I tried the same by sending yet another message from one Russia based email address to another Russia based email address, the code revealed the content on the message, thereby proving to me that email accounts hosted on servers in Russia are not spied on.
After a bit more testing, if I used an email address hosted on a server physically housed in the USA, Canada, Australia or EU, regardless of whether I was on the sending or the receiving end, the content of the email was read by a spy who opened the self destructing message, thereby revealing to me with 100% certainty that this email communication was intercepted and the content of the encrypted message accessed by an unauthorized third party.
The trouble was that email providers from Russia had all their websites in Russian, which made their services vastly inconvenient to use by people who don’t speak Russian. So I did some further testing and found that emails sent to and from the TOR version of urssmail.org email service were also not read by spies. After that, I instructed people I needed to have confidential email exchanges with to create an account there.
We each created an email account on urssmail.org and used self destructing messages to share with each other aliases of new accounts, thus ensuring nobody but us knew what our email addresses were. Since spies no longer had the means to know what email addresses we switched to (which means they didn’t know which accounts to try to hack), we’ve managed to keep our conversations private without the technical knowledge we’d need in order to set up personal encryption system, such as PGP on our local computers.
Unfortunately, since then, the TOR version of urssmail.org email service has stopped working and the website, which is hosted in New Zealand can now only be accessed directly. I don’t see New Zealand as messed up Canada or the USA, however their recent raid on the Kim Dotcom’s residence at the bidding of the American ZOG makes Kiwi government untrustworthy.
Steps You Can Take to Lock Authorities Out of Spying On You Easily
First, if you don’t have it yet, download the TOR browser from here:
TOR stands for The Onion Relay because all requests made are passed through several layers of privacy servers (layered like an onion to protect the core), securing the end users with a great level of anonymity. Just download, install on your local machine and run it. It will bootstrap to the TOR network and will open an internet browser that is based on Mozilla Firefox so it looks and works in a similar way, except that instead of accessing websites directly, it accesses them via a network of some 5,000 privacy servers.
The way you use TOR browser is exactly the same as you use any other browser (be it IE, Chrome or Firefox). But if you use TOR, no one, often not even your ISP or the websites you are visiting will be able to identify that it was you who visited them. This could prevent easy spying which can be done on the ISP level.
This can also be used to circumvent any censorship or access ban. For example, if you tried to access bestgore.com by using free WiFi at McDonald’s, you wouldn’t get through because access to sites deemed “adult” in nature is banned. But if you used a TOR browser, you’d get on the website without any problems because now McDonald’s WiFi cannot see what websites you are accessing, nor which computer requests are originating from. All they can see are encrypted, unidentified packets coming in and out. No source (your computer), nor destination (websites you are accessing) can be determined from them.
While TOR is not 100% fool proof, as at one point the US spies hacked into a TOR server located in France and were able to monitor traffic passed through that particular server (though it is questionable as to what extent they were able to decrypt it), good thing about TOR is that it changes which servers you are being passed through all the time so you’re never in one location for too long. Plus even if there are occasional hacks into particular servers, techs that manage them usually find out that someone hacked in quickly, kick them out and patch the exploit.
In general terms, TOR provides pretty solid anonymity and it’s also a gateway to what’s known as the deep web. The only way for the government to get access to deep web servers is by luck, as there is really no straightforward way to trace route to the deep web servers. TOR network, even though government sponsored, is open source, meaning it can be independently audited. As such, it is known to be secure and with no backdoors. Many governments, including the US and Canadian contributed to the TOR network because it’s a way for activists in what first world government’s would call “dictatorships” to eluded censorship.
How ironic that Canada fits right in there with the world’s most ruthless dictatorships in that activists in Canada face brutal repression and persecution, that Canada even forces prior censorship upon journalists, which is a tyrannical practice not even the most notorious autocracies resort to, so activists must rely on tools like TOR in order to continue serving the public good.
The only downside to using TOR is that every website will load slightly slower than with a straight browser. However what you gain in terms of privacy for literally zero effort on your part is immense. All it takes to start using TOR is to go to the link I provided above and download and install the browser. It’s that simple. Just download, install it and start it up. Use as your regular browser, although if you really want to stay anonymous, you will need to change a few habits as there are exploits TOR has no control over. Such as if you downloaded a PDF file and opened it while connected to the internet, it could reveal who you are to the owner of a remote host, for the document could have remotely hosted images embedded in it and the remote host can be set up to trace which IPs are accessing these images.
If you don’t mind sacrificing poshy features of your Gmail account for simplicity and more privacy, you may consider setting up an email account with urssmail.org, however bear in mind that while it’s owned by Brazilians, it’s hosted in New Zealand. If the website was hosted in Brazil, the level of privacy would be significantly higher:
A safer privacy minded email option would be a service that’s behind TOR proxy, such as TorBox:
Note – this is an .onion based URL. It will only resolve in the TOR browser (will not work in straight browsers). Also note that many of these hidden services are provided free of charge with owners having little to no means to monetize them. As a result, they are hosted on inadequately powered servers and are sometimes unavailable as a result. If the website doesn’t load, try a few moments later.
SMS4TOR self destructive messaging system can be accessed on the following URL:
SMS4TOR is also sometimes down but it works most of the time and has been very helpful in keeping our conversations private.
An important part of preventing the governments from profiling you would be to stop using Google, as well as other mainstream search engines, including Bing and Yahoo, but Google is by far the worst. Many people who use TOR recommend DuckDuckGo.com, which is a great service which I don’t have major reservations against. I do however like Start Page better. Start Page is also said to fetch the search queries with Google so you get Google results less Google spying and data mining:
If you own an Android smartphone, head over to the Guardian Project website and download the TOR proxy router (Orbot) and a browser that works with it (Orweb) from there:
As for people who own an Iphone of other Apple products… good luck with those. If privacy and sound future are of any concern of yourn, I’d be looking for the fastest way to get rid of them.
I hope you guys found this article helpful and found in it something of value. Remember, you have nothing to lose by keeping your private life private. Whereas allowing the governments to continue stockpiling private data about you for undisclosed use in the future – you just never know in what fashion this could backfire.
This should be especially of concern to people who live in Canada for as we see from what’s happening to Mark, that fact that you commit no crime, that you cause no harm or loss to another, that there is no victim to your actions – none of this matters. In Canada, it’s not necessarily people who do something bad, wrong or illegal that become targets.
There will be another post we’ll make which will address how bad it really is in Canada for this quest to assist Mark lead us to dozens of other victims of tyranny that has no match in the world, but that’s outside of the scope of this article.
Also, there is much more one could do to safeguard their privacy, such as loading your computer up with a Tails OS and setting up a Mozilla Thunderbird email client with PGP encryption, but the latter is tricky to properly set up even for experienced computer guys, which can be extremely frustrating when attempted by the less tech inclined people. So to avoid confusion, I intentionally limited the guide to tips easy to implement by anyone.
Let me know what you think,