"Going Dark"
“I have nothing to hide because I have done nothing wrong.”
These are famous last words. As Julian Assange recently noted in his testimony at the EU after his release from prison, he said the fundamental mistake he made was assuming that because he was in the West, he could count on there being the rule of law, that he could rely on the fairness of the legal system to protect his rights. He said he expected persecution and harassment from powerful entities as Wikileaks did its journalism, but he didn’t anticipate the legal system itself becoming weaponized. He didn’t realize that they start with their conclusion—which is your guilt—and then “find” excuses in the available “evidence” to justify that conclusion. They don’t start with a presumption of innocence, analyze the evidence, and then reach a conclusion in good faith. And, even if they sometimes do, the process of justice itself is a punishment, particularly when you have to wait in prison for years to fight extradition, to await trial, etc. Then there’s the cost of your defense as well, which is bankruptcy inducing.
The government knows this. That is why it is doing it. The goal is to silence whistleblowers, dissidents, and journalists. It is to make an example of them so others don’t do the same. The government is doing mass surveillance and collecting everything it can and storing it in the NSA’s Utah Data Center indefinitely, even the encrypted streams (these may eventually be cracked by quantum computers) because you may not be a target today, but you might be the future, and, should that day come, the government has the “goods” to get you. It doesn’t matter whether you are innocent or not. AI can produce fake evidence and plant it. Dates can be manipulated. Misleading associations between metadata points can lead to false conclusions which make you seem guilty of whatever they are claiming. It’s enough to derail a potential nomination to a future Presidential Cabinet position, Supreme Court Justice position, etc.
Counting on political solutions to the problem of mass surveillance and corruption is only half the equation. The other half involves you. You must do what is required to preserve your privacy and practice good security practices. This not only protects you from mass surveillance but also it helps prevent private hackers from getting your information and stealing from you. So it is a two for one.
“Going Dark” refers to the process of avoiding mass surveillance. It is the process of reclaiming your privacy. I recommend everyone do this, no matter who you are, whether you are a journalist, dissident, whistleblower, or even just a grandma who uses Facebook to see recipes and photos of your grandchildren.
Going Dark
Don’t use the regular phone or text messaging. These are insecure methods of communication and should NEVER be used for sensitive or confidential communications. If you want to order a pizza or call the plumber, then fine, use them. But for having a heart-to-heart which also involves your finances, politics, etc., use encrypted messaging systems, such as Signal or Briar.
Email is inherently insecure. If you must use email, don’t use Google, AOL, or Yahoo. Use ProtonMail or Tuta.com, which are encrypted email services. The messages are only encrypted if your recipient is also using the same service. ProtonMail allows you to send a message to a non-Proton user that is password protected, which is excellent, though.
Enable Two-Factor Authentication. Don’t use SMS authentication using text messaging on your phone. If you lose your phone, you’re done. Also, it is easy for the glowies to clone your SIM card. A better way is to use an open source browser extension called “Authenticator” (not Microsoft or Google Authenticator). This allows you to encrypt your codes and back them up in case your computer crashes or your computer is stolen. Two-factor authentication makes it far more difficult for hackers to get into your accounts and may save you a lot of grief.
Use privacy-focused browsers like Firefox with uBlock Origin and Privacy Badger enabled, along with Https Everywhere. Also, use Brave Browser. These options block trackers, stop targeted ads, and help reduce malware that focuses on ads as well.
Use privacy-preserving search engines. This means not using Google. Use Startpage.com or Brave Search instead. Just don’t use Google, particularly if you are signed in. Google search is one of the primary ways the government has targeted people, along with analyzing their Youtube searches.
Use a no-logs VPN provider you have signed up with using TOR and paid with using Monero. VPN’s are essential because they create an encrypted tunnel between your computer and the Internet. It helps avoid glowie deep packet inspection analysis tied to the undersea cables. It also helps prevent hacking if you are using public WI-FI at the library or a coffee shop. VPN use also helps keep your web searches private from your ISP, which may be legally required to log all of your data. Another alternative is to use a decentralized VPN like Mysterium, which is excellent for your privacy.
Avoid social media. If you can help it, don’t use Facebook and other social media sites. They are surveillance tools. If you must, lock down your privacy settings, don’t include your whole name, use a pseudonym when appropriate, don’t let others see your contacts, and avoid liking everything or posting things which may get you targeted. I learned the hard way that there is no such thing as freedom of expression in the US or the West in general. That is a lie. You WILL be persecuted for engaging in “wrongthink,” which means disagreeing with Western imperialism, Zionism, and being a Christian.
Use disposable email addresses and use a different password for every online account you have. That way, if a site is compromised, the hackers don’t have access to your other accounts. The password should be generated by a password generator, not something you can remember, because this is too easy to guess or brute force crack. The vast majority of people are terrible at creating strong passwords, and pick words like “Fluffy123” as their password. That would be cracked by a brute force cracker in less than 10 seconds.
Secure your devices with full disk encryption. If someone steals your home computer, they won’t be able to steal your data. This means using FileVault for MacOS or LUKS for Linux. BitLocker is the Microsoft Windows equivalent. I personally don’t trust Microsoft Windows anything because it has an NSA backdoor in it. You have no expectation of privacy and security if you use Microsoft Windows. None. If you insist on using Microsoft Windows, at least use Veracrypt to protect your files. I would strongly encourage you to switch to GNU/Linux distributions like Ubuntu, Mint, or Debian. For those who are targeted, use TAILS or Quebes.
Keep your software updated. Hackers use exploits hidden in unpatched software to attack your computer. Keeping it updated helps ensure these holes are closed as they are found.
Don’t use a smartphone. These are inherently insecure and cannot be safely used. If you must have one, take out the battery when not in use or put it in a Faraday bag. Only power it up when in use. If you are having a sensitive conversation, put your phone in the Faraday bag, take out the battery, put it in the microwave, or in your refrigerator. The phone can be listen to you despite appearing to be turned off, according to Edward Snowden. Turn off location services. For those with a high threat model, use burner phones. Use the two phone method. You buy two phones with cash at the store, wearing a hat, sunglasses, and COVID mask. This is to avoid your face on surveillance cameras and the AI facial recognition systems. Forward your calls from the first phone to the second phone, which you use to answer calls. Then you remove the battery from this phone or put it in a Faraday bag, permanently. Don’t give your number to anyone except those who are going to call you. Rotate this phone every month. Make sure the person you are calling is also using burner phones, otherwise this won’t work. If the feds know your contacts (they do), then they will begin surveilling your contacts for when you might call. Then they attack the weakest link by sending mercenary spyware to that person’s phone or hacking their SIM card. That’s why they need to use burner phones, too.
Pay with cash. Don’t buy things with credit cards. These are the easiest way for you to be surveilled and tracked. Cash is anonymous and privacy respecting. It is freedom money, kind of like Bitcoin, but even better. For things which require online payment, use Monero. Bitcoin is pseudonymous, not anonymous, meaning it is traceable. So the Bitcoin would need to come from a wallet that cannot be traced to your identity. If you bought your Bitcoin on a centralized exchange that requires KYC like Binance, then you would need to move the money to a non-KYC self-custodial wallet or use a coinmixing service if you live outside the USA. I say outside the USA because it is uncertain whether it is entirely legal to use coinmixing services in the US now, due to government repression of these services by the Biden administration. Ideally you would get Monero via a decentralized exchange and transfer it into an untraceable wallet not connected to your identity and then pay with that. Zcash is another possibility.
Public surveillance cameras are ubiquitous. They incorporate the use of AI facial recognition and gait analysis. Everyone has a unique gate, and the NSA has this data collected on you. It also has deals with major big box retailers and hotels to access their surveillance systems. Unless you are wearing sunglasses, a hat and a COVID mask and changing the way you walk, you will be identified. Most of the time this is not a big deal, but if you are buying a burner phone with cash, buying guns, or something the government would have an interest in you doing, then keep best practices in mind. There is also clothing you can buy that helps throw off surveillance cameras, including hats which reflect UV light used in night surveillance cameras to identify you.
When you share photos on the Internet, use a program to strip out the metadata. This contains info about your GPS location and other sensitive data. I personally don’t use smartphone cameras because smartphones are easily hacked and your location discovered easily, even from just the photos.
If you use ChatGPT, don’t ever sign in. The worst thing you can do is sign in to ChatGPT using your real information and tied to your IP address and then ask it sensitive questions. It IS storing this information, forever, and the data used to train AI that will later be used to potentially repress you. A better option is to use LLM chat models which you can download to your computer and use them locally. ChatGPT is a liar, anyway, and has been weaponized by its makers against certain narratives. Some of the other AI models are even worse, like Perplexity.ai. They also hallucinate and make up bullshit. You must always double check this information, without exception.
Use a password manager. This is one of the most important points here, aside from not using Google services of any kind and paying with cash. A password manager comes with a password generator to make better passwords which are not easily cracked. It also organizes and stores hundreds of passwords so you don’t have to. You only have to remember one password, the one to your password manager. KeepassXC is the best. Second is ProtonPass. For the most highly secure passwords, use KeepassXC. ProtonPass is end-to-end encrypted and sinks across your devices, which is convenient, but slightly less secure. Only use open source password managers.