In the past weeks I’ve been thinking a lot about online privacy. I’ve been setting up a new Mac (a Hackintosh, to be precise) which means that I’ve been installing my day-to-day software. Many of these programs are ones that I’ve chosen over the years specifically to enhance my online privacy and aren’t ‘stock’ applications.
Over the next few posts I’ll go over each piece of my privacy puzzle and explain why I chose it over the standard applications. As a collection I think that they represent a pretty good start at locking down my online presence, and you might find my thought process useful. I’m also open to constructive criticism…if you think I’ve missed something, let me know.
I’ll list what I’m using in the following table and provide links to the individual articles explaining my choices as they are written.
| Category | What I use | Instead of |
|---|---|---|
| Email | Thunderbird | Apple Mail, GMail etc |
| Cloud | SeaFile | Any commercial service |
| Cell / voice calls | Facetime | Just dialing a number |
Today as I was driving my dog, Maggie, to the park for her afternoon walk, a pickup truck pulled up behind me at a stop light. I wouldn't normally think twice about the car behind me, but this one had a very obvious Automated License Plate Reader (ALPR) mounted on the dash, and I could see the driver behind me fiddling with it. My assumption was that he was either enabling it or saving a capture of my plate.
If you don't know what an ALPR looks like, the next time you see a BU Parking Services truck go by, look for two rectangular devices mounted to the roof, one on each side. At BU they are used to ferret out cars that are parked in lots where they shouldn't be...the truck drives up and down the rows, scanning plates, comparing them to the Parking Services database of pass holders.
I've lived in my town for going on a decade now, and I'm familiar with the law enforcement vehicles in use here. This wasn't one of them, and there were no markings to indicate that it might be from another town or perhaps a state vehicle. My take was that it was a private vehicle.
Why was this person reading my plate?
I have a Johnson/Weld sticker on the back of my car. My very first thought was that someone wanted to know who I am, maybe because of my political affiliation.
I understand that this sounds like a paranoid conclusion. However, consider two points:
- Under the Obama administration, the power wielded by the NSA, FBI, and CIA has grown to unprecedented levels. Ed Snowden revealed a small part of the domestic surveillance being undertaken by these agencies, and they made headlines for about one week. Afterward the country moved on to who was winning Dancing With the Stars. Our government is intercepting every email, text message, and phone call made in this country. Eavesdropping warrants and gross violations of our privacy are approved by a secret court. We are murdering innocent people by silent drone attack in sovereign nations on a regular basis. As a country we just don't seem to care.
- The incoming Trump administration does not appear to be pro-privacy. In fact, they seem quite the opposite. Donald Trump is being handed a domestic surveillance capability unsurpassed by any government and I believe that he will use it to its fullest extent. Worse, a naive, unskilled Trump administration combined with our current public apathy is the perfect environment for our intelligence agencies to aggressively attempt to expand their reach.
In this environment, an active ALPR mounted in an unmarked vehicle recording my plate is a threat.
The question is, then, what to do? To this point privacy advocates have encouraged us to secure our email, and chat, and voice messages, but with the caveat that yes, it's not always easy, and yes, this is how you should do it but we understand that you probably can't because it's too hard.
It's different now.
I've always assumed that my emails, my phone calls, and the web sites I visit are recorded. Not because I'm someone that needs to be watched ... it's just that I understand, based on the evidence I've seen, that everyone's information is being recorded. I've advocated for privacy while personally falling short -- I've fallen victim to the 'too hard' argument, and to the idea that my small voice will be lost in the cacophony of an entire country's worth of data.
It's different now.
I can only be responsible for myself. Encryption is now my default. I've encrypted the disks on my computers, and all of the backups. I'm actively encouraging everyone that I regularly message with to switch to Signal, which encrypts text messaging end-to-end. I've migrated from Apple Mail to Thunderbird because the latter better incorporates email encryption. I've switched my default search service from Google to DuckDuckGo because the latter promises to not store my online search history and is secured with HTTPS. My voice calls are made using Facetime rather than the standard cell phone connection because Facetime is encrypted end-to-end. I find myself using Tor more and more often (even as I acknowledge its shortcomings).
Even though I have nothing to hide, I am hiding everything.
It's different now.
If you need help securing your personal communications, I am happy to help. You can reach me at email@example.com; if you are able, please encrypt your email. If you aren't able, I can help with that, too.
I'm a big fan of Apple's ApplePay ecosystem, a bit for the convenience of NFC-based transactions, but really for the security. ApplePay is a tokenized payment system in which credit/debit card account information is neither stored on the phone nor transmitted when making a purchase. It seems not a week goes by that we don't read of a data breach at some large retailer.
Gas-station pumps are one of the prime targets for data thieves using skimmers, and it makes good sense from a security standpoint to enable NFC transactions on them. However, this is a hardware problem...most pumps simply don't have NFC readers, and to retrofit or replace existing pumps, of which there must be hundreds of thousands for each vendor, is prohibitively expensive. Shell Oil is running some trials at a limited number of stations on the west coast, but that's about it, and I don't expect to see NFC pumps anytime soon.
Which brings us to ExxonMobil and their new Speedpass+ iPhone app. The company has long provided what I assume is RFID transactions at their pumps in the form of Speedpass. I don't know if ExxonMobil hired outside talent or developed Speedpass+ in-house, but whoever came up with the idea deserves a big fat bonus. I loaded it onto my phone the moment I heard of it (it's free) and had a chance to try it in the field today.
I love it.
So, let's talk about how this was architected.
Here's the problem: You want to offer ApplePay at your service stations, but it's too expensive to outfit the pumps with NFC readers. How else can the problem be solved?
I can almost imagine the meeting. A couple of half-empty pizza boxes on a back table, 2-liter jugs of Mountain Dew. There are some half-finished diagrams on the whiteboard of the existing Speedpass network and data flow. Someone, the person who deserves the bonus, asks the critical question: "Is there some way to do this without using NFC?"
As it turns out, there is. Apple provides an API to enable in-application ApplePay purchases. Once you know that, it isn't a big leap to realizing that you can simply write an app that communicates with the existing Speedpass network. Open the app, tell it where you are, and pay for gas.
But wait, iPhones have GPS radios in them. What if the app could geolocate the user so that they don't have to type in where they are? It's simple enough to build an app that geolocates against a database of stations and their lat/long coordinates.
Next problem. When you use Speedpass, you hold a fob up to the pump, and the pump sends a message to the network to initiate the transaction. The pump self-identifies...how do we know which pump the user is at? Simple, we know which station the user is at via geolocation and a database, so we'll simply include the list of pump numbers in a table, and present the user a list of pump numbers to select from.
Almost there. The app is initiating the transaction, essentially simulating the pump. When you use a Speedpass fob, the transaction is authorized by the back end checking to see if your Speedpass account's payment method is current. Here, it's done in the app by calling the ApplePay API...stick your thumb on the phone's fingerprint reader, and the app generates the same sort of authorization token that the pump would have generated.
All that's left is to send the authorization signal back to the pump, and the user can buy some gas.
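To make the flow above concrete, here is an added, constructed model of it in Python. It is not ExxonMobil's or Apple's code, and the station table, coordinates, pump numbers and device keys are all made up. The device-bound one-time token is stood in for by an HMAC over the transaction fields with a random nonce; the real app obtains its token from the ApplePay API, but the security property the post relies on is the same: the back end and the pump verify a token and never see card data, and a captured token cannot be replayed.

```python
"""Constructed model of a geolocated, tokenized pay-at-pump flow (not the vendor's code)."""
import hashlib
import hmac
import math
import secrets

# Constructed station table (hypothetical ids, names and coordinates).
STATIONS = [
    {"id": "S1", "name": "Station A", "lat": 42.3505, "lon": -71.1054, "pumps": [1, 2, 3, 4]},
    {"id": "S2", "name": "Station B", "lat": 42.3601, "lon": -71.0589, "pumps": [1, 2]},
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two lat/lon points."""
    r = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def nearest_station(lat, lon, max_km=0.2):
    """Geolocate the user against the station table; None if nothing is within max_km."""
    best = min(STATIONS, key=lambda s: haversine_km(lat, lon, s["lat"], s["lon"]))
    if haversine_km(lat, lon, best["lat"], best["lon"]) > max_km:
        return None
    return best


def _canonical(device_id, station_id, pump, nonce):
    """Fixed field order so app and back end sign exactly the same bytes."""
    return f"{device_id}|{station_id}|{pump}|{nonce}".encode()


class PaymentNetwork:
    """Stand-in for the Speedpass back end. It holds a per-device key and a set of
    used nonces; it never stores or receives a card number."""

    def __init__(self):
        self._device_keys = {}
        self._used_nonces = set()

    def enroll(self, device_id):
        """Enrollment: the phone gets a device-bound secret (constructed, random)."""
        key = secrets.token_bytes(32)
        self._device_keys[device_id] = key
        return key

    def authorize(self, device_id, station_id, pump, nonce, tag):
        """Verify the one-time token, reject replays, and tell the pump to go."""
        key = self._device_keys.get(device_id)
        if key is None:
            return {"approved": False, "reason": "unknown device"}
        expected = hmac.new(key, _canonical(device_id, station_id, pump, nonce), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return {"approved": False, "reason": "bad token"}
        if nonce in self._used_nonces:
            return {"approved": False, "reason": "replayed token"}
        self._used_nonces.add(nonce)
        # In the real system this is where the authorization signal goes to the pump.
        return {"approved": True, "station": station_id, "pump": pump}


class PhoneApp:
    """Stand-in for the Speedpass+ app: geolocate, pick a pump, mint a token, send it."""

    def __init__(self, device_id, key):
        self.device_id = device_id
        self._key = key

    def pay_at_pump(self, network, lat, lon, pump, biometric_ok):
        station = nearest_station(lat, lon)
        if station is None:
            raise LookupError("no station at this location")
        if pump not in station["pumps"]:
            raise ValueError(f"pump {pump} does not exist at {station['name']}")
        if not biometric_ok:
            raise PermissionError("fingerprint check failed; no token minted")
        nonce = secrets.token_hex(16)  # one-time value bound into the token
        tag = hmac.new(self._key, _canonical(self.device_id, station["id"], pump, nonce),
                       hashlib.sha256).hexdigest()
        request = {"device_id": self.device_id, "station_id": station["id"],
                   "pump": pump, "nonce": nonce, "tag": tag}
        response = network.authorize(**request)
        return request, response


if __name__ == "__main__":
    net = PaymentNetwork()
    app = PhoneApp("phone-1", net.enroll("phone-1"))
    req, resp = app.pay_at_pump(net, 42.3506, -71.1054, 2, biometric_ok=True)
    print(resp)                         # approved at S1, pump 2
    print(net.authorize(**req))         # same token again is refused as a replay
```

The two checks worth noticing from a defender's point of view are that the token is bound to the device, station and pump (so a token minted for one pump cannot be redirected to another) and that the back end records nonces (so a token sniffed from the network is useless a second time). Note that the location check only proves the phone is near a station, not which pump the person is standing at; that is why the app still has to ask for the pump number.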
Anyone can write the same old apps that have been done a hundred times before. This is an example of a team really thinking outside their normality to come up with a clever solution just by asking the question, "Is there some way to do this using what we already have?" This is the kind of thinking that separates software engineers from programmers.
Get it: ExxonMobil Speedpass+ for iPhone (free)