Wednesday, June 17, 2009

Time to get your GPG on

I just saw this article in the New York Times detailing how the NSA is reading thousands upon thousands of emails by "Average Joe" American Citizens. Collecting and reading your email without warrant or cause, in an effort to "combat terrorism". As if terrorists suddenly started sending viral video links with the subject of "FW:FW:FW: You've Got to check this OUT! TOO fUNNY"
And if they are intercepting your email, what's to say they aren't changing it, too? I can imagine a bored NSA operative intercepting an apologetic email from some poor schlub to his girlfriend after he forgot her birthday. An email pleading for her to join him at a five-star restaurant at 7 PM as a make-up olive branch.
Said bored "analyst" does a quick Facebook check on the chick, finds out she's cute, local, and loves to read spy thrillers.
So he changes the email to read an 8 o'clock reservation at a different restaurant, sets up a block on her cell phone so the unluckily forgetful boyfriend can't call her to confirm, shines himself up and heads out for an evening meal alone. With an 8:30 reservation. At the restaurant he put in the email. Where he can "happen" to bump into the poor woman just as she realizes her jerk boyfriend stood her up. Again. And he can pretend his date did the same, and wouldn't she like to have dinner with him, no sense in wasting the reservation.
Couldn't happen, right? Next time someone says "I could have sworn I told you 7 in the email" think about it.
So what's the solution? At a minimum, sign all your messages with GPG, so that even if the Snoops are reading the latest mundane details of Uncle Mortimer's gout attack, they can't change a word of it without the party on the other end knowing. That only holds if the other end actually verifies the signature, and got your public key from somewhere the snoop couldn't have swapped it.
Even better would be establishing a Web of Trust amongst all the folks you know and/or regularly communicate with, so that you can send all correspondence encrypted, readable only by the intended party. Then when the NSA intercepts your email, they can't read the contents; they only know the sender and recipient (plus the Subject line, date and size, none of which GPG hides). Think of it as a really, really secure envelope sent via the mail. Regular email is a postcard: the postman, and any other person who handles it along the way, can flip it over and read that you are having a great time at Camp Wannadewme. Digitally signing your email is akin to a postcard that lets you know if anyone has changed it during transit, so no one can forge a "funny" P.S. at the end that will get you grounded for the rest of the summer when you return from camp.
GPG encryption is along the lines of a super-duty envelope, in that the postman and others know the delivery address and the return address, i.e. the sender and recipient, but can't read the contents without tearing the envelope, a feat that is incredibly difficult so long as the recipient keeps their private key private.
Of course, there are ways to anonymize the sender and recipient in email, much like leaving the return address off a snail-mail envelope, depositing it in an out-of-town mailbox, and sending it to a drop box instead of a home address.
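The signing, encryption and hidden-recipient points above, as an added example that is not part of the original post: this script drives the gpg command line from Python to show that a clearsigned message fails verification once a single character is changed, that an encrypted message hides the body, and that the encrypted envelope still names the recipient key in its packet header unless you ask gpg to hide it. It assumes gpg 2.1+ and gpgconf are on PATH; the key, the name and the message are constructed for the demo.

```python
"""Added example, not code from the original post: drive the gpg command
line from Python to show the two properties the post asks for.  A clearsigned
message fails verification once one character changes, and an encrypted
message hides the body while its packet header still names the recipient key
(gpg's --hidden-recipient blanks that id).  Assumes gpg 2.1+ and gpgconf are
on PATH; the key, name and message below are constructed for the demo."""
import re
import shutil
import subprocess
import tempfile

# The ":pubkey enc packet:" line of --list-packets carries the recipient key id.
KEYID_RE = re.compile(r"keyid ([0-9A-Fa-f]{16})")

def _gpg(home, *args, stdin=None):
    """Run gpg against an isolated keyring with no prompts; return (rc, stdout, stderr)."""
    cmd = ["gpg", "--homedir", home, "--batch", "--yes",
           "--pinentry-mode", "loopback", "--passphrase", "",
           "--trust-model", "always", *args]
    p = subprocess.run(cmd, input=stdin, capture_output=True, text=True)
    return p.returncode, p.stdout, p.stderr

def make_key(home, uid):
    """Create a throwaway, unprotected key pair; return its primary fingerprint."""
    rc, _, err = _gpg(home, "--quick-generate-key", uid, "default", "default", "never")
    if rc != 0:
        raise RuntimeError(err)
    _, out, _ = _gpg(home, "--with-colons", "--list-keys", uid)
    # colon format: the "fpr" record keeps the fingerprint in field 10
    return next(l.split(":")[9] for l in out.splitlines() if l.startswith("fpr:"))

def clearsign(home, fpr, text):
    """Wrap text in a clearsigned armor block: readable by anyone, alterable by no one."""
    rc, out, err = _gpg(home, "--clearsign", "--local-user", fpr, stdin=text)
    if rc != 0:
        raise RuntimeError(err)
    return out

def verify(home, signed):
    """True only for a good signature; gpg exits non-zero on a BAD one."""
    rc, _, _ = _gpg(home, "--verify", stdin=signed)
    return rc == 0

def encrypt(home, fpr, text, hide_recipient=False):
    """Seal text for the key; --hidden-recipient omits the key id from the envelope."""
    flag = "--hidden-recipient" if hide_recipient else "--recipient"
    rc, out, err = _gpg(home, "--encrypt", "--armor", flag, fpr, stdin=text)
    if rc != 0:
        raise RuntimeError(err)
    return out

def envelope_keyid(home, ciphertext):
    """The key id a snoop reads off the public-key-encrypted session-key packet."""
    _, out, err = _gpg(home, "--list-packets", stdin=ciphertext)
    m = KEYID_RE.search(out + err)
    return m.group(1).upper() if m else None

def run_demo():
    """Generate a key, sign, tamper, encrypt, and report what each step reveals."""
    home = tempfile.mkdtemp(prefix="gpgdemo-")
    try:
        fpr = make_key(home, "Poor Schlub <schlub@example.com>")   # constructed identity
        msg = "Sorry I forgot your birthday. Dinner at 7 PM at Chez Example?\n"
        signed = clearsign(home, fpr, msg)
        tampered = signed.replace("7 PM", "8 PM")      # the bored analyst's edit
        sealed = encrypt(home, fpr, msg)
        hidden = encrypt(home, fpr, msg, hide_recipient=True)
        return {
            "signature_ok": verify(home, signed),      # True
            "tampered_ok": verify(home, tampered),     # False: the edit is caught
            "body_visible": "7 PM" in sealed,          # False: the body is sealed
            "envelope_keyid": envelope_keyid(home, sealed),   # the recipient's key id
            "hidden_keyid": envelope_keyid(home, hidden),     # all zeros
        }
    finally:
        subprocess.run(["gpgconf", "--homedir", home, "--kill", "gpg-agent"],
                       capture_output=True)
        shutil.rmtree(home, ignore_errors=True)

if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

The hidden-recipient case is the envelope without a return address: gpg writes an all-zero key id and the recipient has to try each of their secret keys. It only blanks the id inside the GPG packet; the To: and From: headers of the surrounding mail still carry the real addresses, which is why the remailer-style tricks mentioned above are a separate problem from encryption.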
Easy, simple, and it keeps the NSA and anyone else from snooping on you for no good reason, right? I've done nothing wrong, I'm a normal, tax-paying citizen of the United States, I have a right to privacy and just don't want the government reading my personal correspondence without a warrant.
Except there's a catch or two.
First, if you follow the links I posted you will see this technology is freely and easily available to anyone. Including the bad guys. So it's safe to assume the Bad Guys, at least the ones with half a brain, are already using it. The NSA is only intercepting readable email from the inept and the innocent.
Secondly, overzealous collection aside, getting your email actually read by a human, and your address onto a watchlist, at the NSA most likely requires a trigger: a keyword in your email, or an anomaly, something that makes it stand out from the hundreds of thousands of other grocery lists and chain letters.
Like encryption.
Let's say there are half a dozen friends in your Web of Trust with whom you routinely correspond. One lives near you on the East Coast of the U.S., in NY or DC; the others are in the Pacific NW, Los Angeles, Chicago, New Orleans, and Dallas. And the NSA suddenly notices that all of the email between these seven is encrypted.
And they'll probably notice. To crib from Little Brother, think of looking for a needle in a haystack: first you identify the hay, the majority, what you aren't looking for. In this case, routine email from normal citizens, which by and large isn't encrypted; it's plain text, or (ugh) HTML. Encrypted mail even announces itself: every armored GPG message starts with a "-----BEGIN PGP MESSAGE-----" line, so sorting it out of the hay takes no key at all.
If you worked for an intelligence agency and noticed a group of seven people located in disparate major metropolitan areas had suddenly started exclusively sending encrypted email back and forth, and doing so in relatively high volume, what would that look like?
The needle.
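The triage described above, as an added example that is not part of the original post: a small Python script that runs over a constructed message log, picks out encrypted bodies by their armor header, and links together the correspondents whose traffic is encrypted end to end. The addresses, message counts and bodies are all invented for the demo; the seven-city ring from the text is the only group that comes out the other end.

```python
"""Added example, not code from the original post: the needle-in-a-haystack
triage the post describes, run over a constructed message log.  Every
address, body and volume here is invented for the demo.  Encrypted bodies
are recognised by their ASCII armor header, so the analyst needs no key;
the ring is found by linking pairs whose traffic is encrypted end to end."""
import re
from collections import defaultdict

ARMOR = re.compile(r"^-----BEGIN PGP MESSAGE-----", re.MULTILINE)

# Constructed population: the seven-city ring, a couple who also use GPG,
# and eight people who only send postcards (plaintext).
RING = ["ny@example.org", "dc@example.org", "seattle@example.org",
        "la@example.org", "chicago@example.org", "nola@example.org",
        "dallas@example.org"]
COUPLE = ["pat@example.org", "sam@example.org"]
HAY = [f"{name}@example.net" for name in
       ("mortimer", "joe", "gran", "uncle", "camp", "bob", "kim", "lee")]

PLAIN = "FW: FW: FW: You've got to check this OUT! Also, Uncle Mortimer's gout is back.\n"
CIPHER = ("-----BEGIN PGP MESSAGE-----\n\n"
          "hQEMA0NvbnN0cnVjdGVkRGVtbwEH/constructed-not-real-ciphertext\n"
          "-----END PGP MESSAGE-----\n")

def build_log():
    """Return (sender, recipient, body) tuples: constructed sample traffic."""
    log = []
    for i, a in enumerate(RING):                  # ring: two mails each way per link
        b = RING[(i + 1) % len(RING)]
        log += [(a, b, CIPHER), (b, a, CIPHER)] * 2
    for i, a in enumerate(HAY):                   # hay: three postcards per pair
        for b in HAY[i + 1:]:
            log += [(a, b, PLAIN)] * 3
    log += [(COUPLE[0], COUPLE[1], CIPHER)] * 2   # two people, all encrypted
    log.append(("joe@example.net", "gran@example.net", CIPHER))  # one stray ciphertext
    log.append(("uncle@example.net", "dc@example.org", PLAIN))   # ring member also gets hay
    return log

def is_encrypted(body):
    """No key needed: the armor header gives the message away."""
    return ARMOR.search(body) is not None

def pair_stats(log):
    """Per unordered pair of addresses: (encrypted count, total count)."""
    stats = defaultdict(lambda: [0, 0])
    for a, b, body in log:
        key = tuple(sorted((a, b)))
        stats[key][1] += 1
        if is_encrypted(body):
            stats[key][0] += 1
    return {k: tuple(v) for k, v in stats.items()}

def baseline_rate(log):
    """(encrypted, total) over the whole log: how rare the needle is in this hay."""
    enc = sum(is_encrypted(body) for _, _, body in log)
    return enc, len(log)

def encrypted_rings(log, min_members=3, min_messages=2):
    """Groups of addresses joined by pairs whose mail is *all* encrypted.
    A single ciphertext between otherwise-plaintext friends does not qualify a
    pair; a lone couple falls under min_members.  Sorted member lists, largest first."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x
    for (a, b), (enc, total) in pair_stats(log).items():
        if total >= min_messages and enc == total:
            parent[find(a)] = find(b)
    groups = defaultdict(set)
    for x in list(parent):
        groups[find(x)].add(x)
    rings = [sorted(g) for g in groups.values() if len(g) >= min_members]
    return sorted(rings, key=len, reverse=True)

if __name__ == "__main__":
    log = build_log()
    enc, total = baseline_rate(log)
    print(f"{enc}/{total} messages encrypted overall")
    for ring in encrypted_rings(log):
        print("all-encrypted ring:", ", ".join(ring))
```

Nothing in this script touches a key or a body beyond the first line of the armor; sender, recipient and "is it ciphertext" are the whole feature set, and that is exactly the part of the message that GPG leaves in the clear.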
So what's the answer? Got me. Care to comment?