(This invited post comes to us from Jonatan Kurzwelly. Jonatan is a Ph.D. candidate in anthropology at the University of St. Andrews. You can email him at email@example.com. His PGP fingerprint is: 1B4B 89B4 DD31 B05E 949A E181 B51C CA99 2FD6 6382 -Rex)
Imagine a situation in which everything you do on your computer, tablet or telephone is easily available to local authorities, criminal organizations, corporations or even your neighbors or their teenage children. Imagine that your electronic diary is public and anyone can read everything you have written about the people you work with. Every piece of secret, confidential information you have been entrusted with is being read. It doesn’t matter if you use nicknames and codewords – someone who knows the context of your fieldsite will figure it out. With the use of special software, all your text, photographs, videos and sound recordings can be quickly and automatically analyzed, regardless of the language you write in. Moreover, imagine that all of your communications with your colleagues, sponsoring institutions or supervisors are also publicly available. This includes field reports, emails, video conversations, instant messaging, phone calls.
These are not fantasies but real threats if you use a computer without taking additional measures to protect your data! The aim of this post is to introduce the problem of digital threats for sociocultural anthropologists and their informants. My intention is to bring this issue into public debate within the discipline and suggest the introduction of appropriate security training into research preparation. I then describe some free-of-charge methods and tools that increase protection from Internet surveillance and data theft. I focus on the need to protect researchers’ personal computers, as well as the benefits of increasing the digital protection, privacy and anonymity of their informants.
What I’ve described might sound like a crazy conspiracy theory or a Hollywood film. But in December 2011 WikiLeaks started releasing the famous Spyfiles, exposing the enormous industry that provides ready-to-use surveillance tools and training. Companies such as FinFisher or Hacking Team sell products which have been used to spy not only on criminals, but also on journalists, activists and political dissidents. In June 2013, Edward Snowden – with the help of journalists such as Glenn Greenwald and Laura Poitras – started exposing classified information about the NSA and the Five Eyes (an alliance of governmental intelligence agencies, including Australia, Canada, New Zealand, United Kingdom, and United States). Thanks to their work and their courage we now know about the global mass surveillance programs and the governments’ capacities to have a complete overview of our digital activities. Consequently, the freedom of expression and the use of the Internet are changing, and this will probably have a vast impact on many domains of life.
What’s more, there are many freely available tools which can be used to access your computer or spy on your Internet activities. It is not hard to find and download exploits, trojan horses or other malicious software (malware). It is also easy to find video-tutorials and descriptions that teach how to gain remote access to your hard drive or how to control all the traffic on a WiFi network. For example, a photograph you receive in your mailbox might contain hidden malware that will give the attacker full access to your computer without you noticing it. Besides accessing all your files, the camera and microphone on your computer can be switched on remotely. The attacker could also monitor all the traffic of the Internet connection you are using, capturing all your passwords and everything you send and receive. Anyone can be tempted to try it out, even if it is just out of curiosity. Fortunately, there are means to protect ourselves from these types of intrusion.
It is common practice at many universities to conduct ethical reviews of research proposals and discuss ethical issues. Unfortunately, in my experience digital security is being disregarded. I strongly believe that we should not only discuss the existing threats and educate ourselves and our students, but also introduce security standards to be used in anthropology departments and put into practice during fieldwork. Ethical review commissions should also take these risks into account. It is our moral obligation to protect our informants’ privacy and anonymity with the use of the available means.
Both the ASA and AAA ethical guidelines mention the importance of protecting informants’ privacy and anonymity.
Researchers have a responsibility to use appropriate methods to ensure the confidentiality and security of field notes, recordings, samples or other primary data and the identities of participants. The use of digitalization and of digital media for data storage and preservation is of particular concern given the relative ease of duplication and circulation. Ethical decisions regarding the preservation of research materials must balance obligations to maintain data integrity with responsibilities to protect research participants and their communities against future harmful impacts. (AAA, 2012)
While protection of research data is mentioned in both cases, the scale of existing threats is not stressed and there are no comprehensive recommendations of adequate tools and methods. Guidance on anonymization of writing or post-fieldwork archiving is easy to find, but personal computers’ security is neglected. This post aims to fill this gap.
This should be of concern to everyone, not just those who study illegal activities, collect particularly sensitive information, or work in conflict zones or countries which surveil journalists and activists. Due to the unpredictable character of fieldwork we should be prepared for the possible appearance of sensitive topics. There is no way of reliably assessing what kind of information, if disclosed, could cause problems to the individuals or the institutions we work with. We should respect and acknowledge the importance of privacy of our informants. In the same way that we carefully consider what and how to write we should protect our data from theft or interception.
In any case, lack of knowledge or digital sloppiness is not an excuse for negligence. I hope that this text will serve as a motivation to debate, learn and introduce higher digital security standards into social research and anthropology departments. It might also be a good idea, for anthropological associations, or for the World Council of Anthropological Associations, to create an Internet guide of available up-to-date tools and methods.
In the second part of this paper I introduce a few selected tools that increase the protection of files stored on your hard drive through encryption; provide guidance for creating strong passwords and managing them; encrypt email, voice communication and instant messaging; anonymize Internet use; and share and erase data safely. Finally, I discuss a ready-to-use operating system dedicated to privacy. Mind however that no computer programs or systems are perfect and there are no warranties for those tools to protect you. All the mentioned tools are available free of charge.
In all cases, refer to the software installation guidelines, recommendations and warnings. It is difficult to master the correct use of the mentioned tools and mistakes can be dangerous. Seek additional help if your digital security and anonymity are crucial.
This text focuses on personal computers only. Mind that other devices, such as telephones, smart-phones, tablets, and even your car’s electronic system are vulnerable as well. If you are using other devices to make, store, discuss or share research data, make sure you know about the threats and take action to reduce them.
One of the important methods we should introduce into our daily use of computers is encryption. Putting a password, even a strong password, on your computer gives limited protection. If someone stole your computer or hard drive, or even managed to get remote access, they would be able to access all your files. Cryptographic algorithms can protect your data by making it unreadable for attackers.
The safest method of protecting the data stored on your computer’s hard drive is full disk encryption. ‘Full disk encryption’ means encrypting all the stored data, instead of just some selected files. There are ways around full disk encryption, such as infiltrating your computer before or during the encryption process, or trying to decrypt your hard drive. When using strong algorithms, decryption is not feasible with current computing possibilities, as it would take too much time. As a result, encryption will make it harder to access your files. However, it is still important to store your laptop safely, especially during research leave. It is also advisable to encrypt external data storage devices.
Some operating systems offer full disk encryption during installation. There are also programs which enable encryption of already-installed operating systems:
GNU/Linux – some distributions offer encryption when installing the system. If you have not chosen to apply it, you can use LUKS – https://gitlab.com/cryptsetup/cryptsetup/ (see “Readme” and “FAQ”)
Windows – DiskCryptor – https://diskcryptor.net
OS X – FileVault – https://support.apple.com/en-us/HT204837
WARNING: Before initiating a hard-drive encryption, make sure you have done a full backup of all your data. A malfunction might cause you to lose all your files permanently.
Your security is highly dependent on the strength of your passwords. Software exists that can test all possible password combinations (the brute-force method) at high speed, which makes short passwords extremely vulnerable. Fortunately, there is a simple and effective method of creating strong passwords with just the use of a die and a diceware word list. By matching generated numbers with at least six words from the list, you can create a long, easy to remember and randomly generated passphrase.
Diceware Passphrase – http://diceware.com
Word lists are available in several languages
Short video explanation – https://www.youtube.com/watch?v=Oc6NiSrlvVc
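The diceware procedure described above, as an added Python example that is not part of the original post: it maps rolls of a physical die to list entries and compares the resulting search space with that of a short password. It assumes the word list uses lines of five dice digits followed by the word; the placeholder list and the guess rate are constructed for illustration.

```python
import itertools
import math

DICE_PER_WORD = 5   # five rolls pick one of 6**5 = 7776 list entries
MIN_WORDS = 6       # the post's minimum passphrase length


def parse_wordlist(text):
    """Parse '<five digits 1-6><whitespace><word>' lines into a lookup table."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if (len(parts) == 2 and len(parts[0]) == DICE_PER_WORD
                and set(parts[0]) <= set("123456")):
            table[parts[0]] = parts[1]
    if len(table) != 6 ** DICE_PER_WORD:
        raise ValueError(f"incomplete word list: {len(table)} entries")
    return table


def words_from_rolls(rolls, table):
    """Turn physical dice rolls (digits 1-6, spaces ignored) into words."""
    digits = "".join(rolls.split())
    if not digits or set(digits) - set("123456"):
        raise ValueError("rolls must be digits 1-6")
    if len(digits) % DICE_PER_WORD:
        raise ValueError("five rolls are needed for every word")
    keys = [digits[i:i + DICE_PER_WORD]
            for i in range(0, len(digits), DICE_PER_WORD)]
    if len(keys) < MIN_WORDS:
        raise ValueError(f"use at least {MIN_WORDS} words")
    return [table[k] for k in keys]


def entropy_bits(symbols, length):
    """Bits of entropy when each of `length` positions is chosen uniformly at random."""
    return length * math.log2(symbols)


def years_to_exhaust(bits, guesses_per_second):
    """Time needed to try every candidate at a fixed guess rate."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)


# Constructed stand-in list with placeholder "words" w11111 ... w66666.
# Replace it with the text of a real list downloaded from diceware.com.
CONSTRUCTED_LIST = "\n".join(
    f"{''.join(k)}\tw{''.join(k)}"
    for k in itertools.product("123456", repeat=DICE_PER_WORD))

ASSUMED_RATE = 1e12  # guesses per second: an assumption, not a measurement

if __name__ == "__main__":
    table = parse_wordlist(CONSTRUCTED_LIST)
    rolls = "16655 21342 64113 35526 42251 11436"  # constructed sample rolls
    print(" ".join(words_from_rolls(rolls, table)))
    for label, bits in [("8 random lowercase letters", entropy_bits(26, 8)),
                        ("6 diceware words", entropy_bits(6 ** 5, 6))]:
        years = years_to_exhaust(bits, ASSUMED_RATE)
        print(f"{label}: {bits:.1f} bits, {years:.2e} years to exhaust")
```

The entropy figures hold only when every roll is truly random; choosing words you like from the list removes the protection.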
It is of key importance that you do not reuse your passwords across different accounts, even if you modify them slightly each time. If you reuse your password, a potential intruder will have access to all your accounts. To help with keeping track of multiple pass-phrases you can store them in a password manager program. This way, you will only need to remember the one password for the manager.
GNU/Linux, Windows and OS X – KeePassX – https://www.keepassx.org
GNU/Linux and Windows – Password Safe – http://pwsafe.org
Short video explanation – https://www.youtube.com/watch?v=LrazAxl9Prs
WARNING: It is important to keep a backup of your passwords – for example, writing them down on a piece of paper.
Secure email is important for ethnographic research because it assures the privacy of your communication with your informants, supervisors or sponsoring institutions. The main threats to confidentiality lie with your email provider and your internet connection. Some of the major email providers have been accused of cooperating with governments and intelligence agencies. Institutional email does not necessarily offer more safety, especially at the universities that entrust their institutional email service to external providers. It is also possible to sniff (intercept) your password from Internet traffic. Thanks to the efforts of software developers, there are a number of ways to make your communications more secure.
The best way to safely send messages is to encrypt them on your computer before sending.
When encrypting email it is important to make sure the recipient can decrypt your message but no one on the route of the email to its recipient can (avoiding a man-in-the-middle attack). A very good cryptographic method for this purpose is public-key encryption. With this method you need to create two long, randomly generated keys. One of them, the public key, only serves for encrypting. You can publish it on the internet for anyone to use. The other key is private and serves for decrypting messages that have been encrypted with your public key. You must keep your private key secure. Public-key encryption uses mathematical algorithms that are easy to compute but impossible, within feasible time, to reverse without knowing the private key. This means that people can send encrypted emails to you without the need to exchange secret keys. It is important to share your key fingerprint, a short sequence of bytes that refers to your public key and serves to authenticate it, together with your email address.
The same goes for writing to others – you should use their public keys to encrypt your messages. Once you encrypt a message it is impossible, even for you, to decrypt it. All the encryption will take place on your computer and your messages will be sent through the Internet afterwards. It is advisable to encrypt all your communications, not only the sensitive ones, as encrypting only the sensitive ones could draw unnecessary attention to them.
GNU/Linux, Windows and OS X
This method requires several simple steps: installing and setting up an email program, installing an encryption plugin, creating your keys, sharing the public key and the key fingerprint, and learning how to use it. A very good step-by-step guide has been created by the Free Software Foundation – https://emailselfdefense.fsf.org
This guide is available in several languages.
Video explaining how PGP works: https://www.youtube.com/watch?v=E5FEqGYLL0o
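How a fingerprint authenticates a public key, as an added Python example that is not part of the original post: before encrypting to a key you have downloaded, compare its full fingerprint with the one the owner published, because two different keys can share the same 8-digit short ID. It assumes the colon-delimited records printed by `gpg --with-colons --fingerprint`; the listings and the lookalike fingerprint are constructed, and only the published fingerprint comes from the byline of this post.

```python
import string

HEX_DIGITS = set(string.hexdigits)


def compact(value):
    """Drop the spaces and colons used for display and upper-case the rest."""
    return "".join(c for c in value if c not in " :\t").upper()


def is_full_fingerprint(value):
    """True only for a complete 40-hex-digit (160-bit) fingerprint."""
    c = compact(value)
    return len(c) == 40 and set(c) <= HEX_DIGITS


def short_id(fingerprint):
    """The last 8 hex digits, shown by some tools as the 'key ID'."""
    return compact(fingerprint)[-8:]


def primary_fingerprints(colon_listing):
    """Fingerprints of primary keys in colon-delimited gpg output.

    The fingerprint is field 10 of an 'fpr' record; the 'fpr' record that
    directly follows a 'pub' record belongs to the primary key.
    """
    found, after_pub = [], False
    for line in colon_listing.splitlines():
        fields = line.split(":")
        if fields[0] == "fpr" and after_pub and len(fields) > 9:
            found.append(compact(fields[9]))
        after_pub = fields[0] == "pub"
    return found


def verify_key(colon_listing, published):
    """Return the key's fingerprint if it equals the published one, else None."""
    if not is_full_fingerprint(published):
        raise ValueError("compare full fingerprints, never 8-digit key IDs")
    want = compact(published)
    matches = [f for f in primary_fingerprints(colon_listing) if f == want]
    return matches[0] if matches else None


def constructed_listing(fingerprint):
    """Build a minimal pub/fpr record pair for the demo (not real gpg output)."""
    return (f"pub:-:4096:1:{fingerprint[-16:]}:\n"
            + "fpr" + ":" * 9 + fingerprint + ":\n")


# Fingerprint published in the byline of this post.
PUBLISHED = "1B4B 89B4 DD31 B05E 949A E181 B51C CA99 2FD6 6382"
# Constructed fingerprint that shares only the last 8 digits with it.
LOOKALIKE = "0123456789ABCDEF0123456789ABCDEF2FD66382"

if __name__ == "__main__":
    for name, fpr in [("genuine", compact(PUBLISHED)), ("lookalike", LOOKALIKE)]:
        result = verify_key(constructed_listing(fpr), PUBLISHED)
        print(f"{name}: short ID {short_id(fpr)}, "
              f"{'fingerprint matches' if result else 'DO NOT USE this key'}")
```

Obtain the published fingerprint through a channel other than the one that delivered the key, for example in person or from a printed card.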
If you wish to use an email provider that respects and enforces your privacy, see this list of alternative email services – http://www.prxbx.com/email/
There are also higher-privacy alternatives to encrypt video conferences, internet telephony or on-line chatting. For example, programs that support the off-the-record (OTR) cryptographic protocol can encrypt your instant messaging communications.
GNU/Linux, Windows and OS X – Jitsi – a video, internet phone and instant messaging manager. It supports SRTP and ZRTP encryption for calls and OTR for instant messaging – https://jitsi.org
If you are connecting directly to the internet, attackers can use traffic analysis to keep track of what websites you are visiting or who you are communicating with. Even if your communication is encrypted, it is possible to tell who you are talking to and much of what you are doing. To ensure anonymity and privacy you should use the internet anonymously. Many universities offer a Virtual Private Network (VPN) connection, but with this technique the VPN provider can still see your traffic. Currently the most popular method of browsing the web anonymously is Tor. Tor is an anonymity network that distributes and directs your traffic through a series of randomly chosen virtual tunnels (nodes – the points through which the traffic passes to reach its destination), encrypting it at every point. In this manner no single node can know the whole route of your traffic, protecting you from Internet surveillance. Journalists use it to anonymously contact sources and whistleblowers. We should also have the possibility to communicate anonymously with our informants. Local authorities, criminal organizations, corporations, or others might be alarmed by seeing that you communicate with someone who is considered a local troublemaker (even if you use encryption and they cannot see the content). With Tor it is impossible to tell who you are communicating with and this can protect your informants from unexpected consequences. Browsing certain web pages, for example opposition or activist web sites or forums, might also draw attention (some intelligence agencies have been accused of monitoring those who browse Islamic webpages and portals). Tor also allows you to access web pages which are blocked or restricted.
GNU/Linux, Windows and OS X
Tor project website – https://www.torproject.org
For browsing you can use the Tor-browser – https://www.torproject.org/projects/torbrowser.html.en
Read warnings before using – https://www.torproject.org/download/download.html.en#warning
Using Tor might also draw unwanted attention in areas where few people use it. To conceal that you use Tor, use the provided Tor-bridges.
Tor video explanation: https://www.youtube.com/watch?v=JWII85UlzKw
For a more comprehensive understanding of Tor, read the documentation provided on the project’s website and see the talk by Jacob Appelbaum and Roger Dingledine, The Tor network, we are living in interesting times, at the 30th Chaos Communication Congress (27.12.2013) – https://www.youtube.com/watch?v=MhJ4sjyj13Q
Examples of search engines that respect your privacy:
DuckDuckGo – https://duckduckgo.com
Additional anonymous DuckDuckGo service for Tor users – 3g2upl4pq6kufc4m.onion
StartPage – https://startpage.com
Secure Data Storage
Even if you use the most up-to-date tools and encrypt everything, you might be legally obliged, or in the worst case tortured or coerced, to decrypt your files (which some illustratively call rubber-hose cryptanalysis). If you gather highly sensitive data during fieldwork it might be a good idea to store them in a distant geographic location. Anthropology departments could provide their researchers with a safe, confidential data storage service (preferably air-gapped and independent from the university networks and servers). You could also ask a family member or a friend to store your files on an encrypted external hard drive in their home. This way you could keep backup copies in safe locations and would be free to decrypt your fieldwork equipment under pressure. To do that, you will need to transfer your data to the entrusted person. Smaller files can be sent via encrypted emails. For bigger transfers you can use OnionShare, an application for anonymous file sharing through the Tor network.
GNU/Linux, Windows and OS X – OnionShare – https://onionshare.org
It is also important to know that deleting files from your hard drive does not erase them completely. With a simple recovery tool it is possible to see the files you have deleted, as long as you don’t overwrite them. If you want to erase something permanently, you can use an additional program.
GNU/Linux and Windows – BleachBit – http://bleachbit.sourceforge.net
OS X – use the Securely Empty Trash option
For CDs and DVDs – simply shatter them.
Warning: because of wear leveling it is very difficult or at times impossible to permanently erase files from Flash Drives, SSD or SD Cards.
Secure Operating Systems
While I highly recommend taking the time to secure your personal computer and protect your digital activities, all of the tools mentioned above can still be useless if your operating system has already been infected or if it contains security vulnerabilities. I want to emphasize the benefits of using free or open software (e.g. GNU/Linux operating systems). When you choose to use proprietary, closed-source software you subject yourself and your safety to the corporation that created it, which might create backdoors – methods to remotely access your computer. Such access might be discovered and used by potential intruders. Free or open software, on the other hand, is created by community effort and assures open source code for everyone to review and correct.
To learn about the major distributions visit: http://distrowatch.com/dwres.php?resource=major
Examples of proprietary backdoors: https://www.gnu.org/proprietary/proprietary-back-doors.html
Alternatively, you might want to use Tails. It is a GNU/Linux live operating system, which means you can run it from a DVD, USB stick or an SD Card without modifying the computer and without leaving any trail. Tails is dedicated to assuring your anonymity and privacy. All Internet connections are forced to go through Tor and the tools necessary for encryption are pre-installed. Therefore it is perfect for using on other computers, or in case you suspect that your computer has been compromised. It might be a good idea to have a working copy always at hand.
Tails – https://tails.boum.org
If you plan to contact your informants through the internet, consider teaching them these safety measures. The Tails system is relatively easy to use and comes with all the tools pre-installed, therefore it might be a good idea to share copies with your informants. It is not recommended to discuss any sensitive information over the telephone.
This is just the beginning. Here are more on-line guides for a more complete list and in-depth explanations of available digital privacy tools.
EFF Surveillance Self-Defense – https://ssd.eff.org
EPIC Online Guide to Practical Privacy Tools – https://epic.org/privacy/tools.html
Information Security for Journalists – http://www.tcij.org/resources/handbooks/infosec
PRISM-BREAK – https://prism-break.org
Security In A Box – https://securityinabox.org/en
Journalist Security Guide – https://cpj.org/reports/2012/04/technology-security.php#1
You can also attend a CryptoParty to learn more – https://www.cryptoparty.in
If digital security is crucial to your and your informants’ safety, contact experts for training and advice. Professional help might be available from the Center for Investigative Journalism (www.tcij.org) or from the Tactical Technology Collective (www.tacticaltech.org).
Finally, while there are many tools that can enhance your Internet protection, there is no way to assure complete security.
The best way to protect yourself from cyber attacks is to create an air-gap, that is, not to connect to the Internet at all. You could choose to have an encrypted laptop which you use exclusively for diary writing and data storage, with all the networking devices switched off or unplugged (i.e. taking your wireless and Bluetooth devices out of your computer or cutting their wires). For air-gapped machines to be secure, avoid plugging in any devices you do not trust. Your security might be compromised by, for example, a USB drive that automatically installs malicious software when plugged in.
It is also important to remember that technical knowledge and daily routine do not prevent human error. It is important to be wary of what you discuss with others. Someone might try using simple social engineering methods to gain your trust and gather information.
The Journalist Security Guide discusses many other security issues besides digital safety.
Different field sites require different methods to assure privacy and security. Although it is easy to be accused of paranoia, I insist that we cannot reliably predict what data and situations will emerge during long-term research. We should be prepared to apply the highest levels of security to our research, or at least know about the existing tools and methods so that we can apply them if necessary.
It is important to recognize that some of these tools are very difficult for non-advanced computer users. We should hope that software developers will make them easier and that operating systems will have them installed by default. For now, however, it is of crucial importance to address digital security issues in anthropology departments and provide necessary training for researchers, supervisors and students that might not be able to learn it by themselves.
By no means is the author responsible for any damage caused by use of the programs or methods described in this paper. The author is not affiliated with any of those programs or their creators. The world of informatics is rapidly changing, therefore it is possible that the tools described here will soon be outdated. It is important to investigate the available applications and methods before choosing one or another.
I want to thank Yaman Cakmakci, members of Chaos Computer Club, Berlin’s CryptoParty for their technical advice and Marina Girona Raventós and Tomi Bartole for their comments. I also want to thank Alex Golub for his encouragement, comments and stylistic help.