OPSEC For Activists, Because Encryption Is No Guarantee
“None of the claims of what comsec works is to be taken saltless: Tor, OTR, ZTRP are lures.” —Cryptome [3], Dec. 30, 2014
In the aftermath of Edward Snowden's disclosures, the American public has been deluged with talking points that advocate strong encryption as a universal solution for protecting our privacy. Unfortunately the perception of strong encryption as a panacea is flawed. In this report I’ll explain why strong encryption isn’t enough and then present some operational guidelines which can be used to enhance your online privacy. Nothing worthwhile is easy. Especially sidestepping the Internet’s global Eye of Providence.
Anyone who reads through privacy recommendations published by the Intercept [4] or the Freedom of the Press Foundation [5] will encounter the same basic lecture. In a nutshell they advise users to rely on open source encryption software, run it from a CD-bootable copy of the TAILS operating system, and route their Internet traffic through the TOR anonymity network.