警聲
ISSUE 1006 December 25, 2013 to January 14, 2014

Information Security Tips Series
Protect your Privacy against Internet Surveillance

0 Photo

From time to time, news about Internet traffic being intercepted and monitored gave rise to public concerns. In fact, it does not need to be a hacker to monitor your traffic. Actually your Internet Service Provider (ISP), your carrier, your boss, and even the IT system administrator that sits beside you can know what you did in your computer.
 
As data transmission via the Internet is similar to sending a postcard to a destination, and all you have written on the postcard may be exposed to the intermediates during transit. In other words, the instant messages you sent, or Internet calls you have made might be known by all intermediates, or hops, like your ISP or carrier.
 
If you think accessing encrypted sites is secure, you are making a mistake. There are many appliances for monitoring Internet activities of corporate users. Usually these appliances have much fancier purposes, like content filtering, firewall, parental control, proxy and bandwidth utilisation, etc. However, they all end up exposing your Internet activities. Most of them are able to decrypt your web traffic, scan them for anything unusual, and re-encrypt the data on your behalf before sending them out.
 
Even if your ISP, carrier or corporation does not deliberately monitor what you did, recording the metadata associated with your action is equally being monitored. Technically speaking, metadata is "data of data". It is the properties of the data. They can be the date and time, place or counterpart you made the Internet call or the instant message. Your carrier may not know what you actually did, but if it records the metadata of your activity, it knows when you made them, or whom you sent them to.
 
Although there is no way to completely protect you from being watched, there are ways to protect your privacy:
 
(1) Use a Virtual Private Network (VPN) service when you access the Internet. By using a VPN, nearly all your Internet traffic are protected, and hence far less people know what you email your loved ones during working hours. You may also use software specialised in anti-censorship to access the Internet. It will reduce the data and even metadata being collected.
 
(2) Install security software in your computer and your mobile device, and keep them updated. Many tools used for surveillance are already considered malware. Installing them and keeping them updated will reduce the chance of your activity being exposed due to software issues.
 
(3) If you must send or backup a file online, encrypt your files before doing so. It does not guarantee the encrypted file will not be cracked into, but it reduced the chance of being exposed if one day they are leaked in search engines.