Introduction
In 2012, 70 journalists were killed while engaged in their trade worldwide, a 66 per cent increase on the 2011 toll. Already in 2013 between 13 and 15 journalists have been confirmed killed as a result of their work with a further eight journalists having been murdered with unconfirmed motives. According to Reporters without Borders, 10 “netizens” and citizen journalists have been killed in 2013 and nearly 150 are currently imprisoned; mostly in China, Vietnam, Iran and Syria. Threats to life and liberty are just the more extreme and visible threats for journalists and activists as the Internet becomes more useful and pervasive in modern communication. Even if your activities are not immediately likely to expose you to loss of liberty and/or life you may find yourself at risk of other insidious threats; notably surveillance and deception.
My general rule of thumb is that if you are planning to do something illegal, do not do it online. Even with the best counter-measures I would not guarantee 100% per cent security and the principles of security culture should be observed at all times.
What are the threats to Australian Internet users?
Surveillance and interference with radical and dissident groups and individuals became increasingly more prevalent throughout the 20th century. Socialists, trade unionists and Labor politicians were common targets but a paranoid Australian Security and Intelligence Organisation (ASIO; Australia’s equivalent of MI5) was revealed to have monitored such targets as David Stratton (most familiar nowadays as half of the ABC’s At the Movies…), Germaine Greer and the now retired High Court Justice Michael Kirby. As mentioned by Haydn Keenan, who curated an exhibition of declassified ASIO documents showcasing the people monitored by the Organisation,
“Anti-apartheid groups, equality for women, anti-Vietnam war – they were all considered communist fronts. The hypothesis was that communists were intent on world domination, and everything ASIO did was a function of that hypothesis … They confused dissent with subversion. Dissent is essential in a democracy, but anyone with a dissenting voice was kept as far away from decision-making as possible.”
The approach ASIO took in order to quash and control dissent resulted in the collection of vast quantities of information of varying levels of importance such that previous subjects of interest now have substantial resources for examining their personal history. One can even find photographs of founder members of Socialist Alternative and a well-known left-wing politician frolicking at the beach during a political retreat by browsing the National Archives of Australia website. Yet the effectiveness of this activity was fairly limited: in the 20th century ASIO did not possess the technology or labour to adequately analyse the collected information and its suspicion of anything vaguely in opposition to the establishment meant few discoveries of any significance were made. As well as this, a KGB mole operated out of ASIO for several decades and still has not been uncovered: after the case against their lead suspect collapsed in the 1990s, ASIO was left without even a suspect.
Yet since 9/11 and the passage of the Wikileaks Amendments, ASIO has grown bigger, nastier and much more vindictive and is now only one of a number of State and Federal intelligence agencies that have the power to intercept digital communications. In 2010 – 2011, Australian law enforcement and government agencies accessed phone and Internet logs without warrants over 250,000 times and 588 federal listening and tracking warrants were issued. According to Fairfax, agencies gaining access to such data include ASIO, AFP, the Australian Crime Commission, the Tax Office, the departments of Defence, Immigration and Citizenship and Health and Ageing, and Medicare as well as state police and anti-corruption bodies, state government agencies, local government bodies and even the RSPCA. The expansion of powers proposed by the Labor Government if they win the 2013 Federal election is quite stark and worrisome.
In addition to increasing state surveillance, the increasing commercialisation of the Internet and development of marketing software has seen companies attack user privacy in the interests of revenue generation. Facebook is a notorious offender in this regard and Google’s 2012 Privacy Policy change prompted reaction and response. At the same time, attacks against Internet pirates have been ramped up resulting in the voluntary take-down of NZBMatrix, ongoing troubles with the hosting of the Pirate Bay, the crushing of free speech through exploitation of anti-copyright infringement frameworks and the takedown of Megaupload and arrest of Kim Dotcom in New Zealand. Megaupload claimed to represent four per cent of the Internet prior to being taken down and was commonly used in workplaces, meaning many users had legitimate and legal data seized. Moreover, the New Zealand Secret Service has been revealed to have been illegally spying on Kim Dotcom before launching their military-style raid (complete with automatic weapons and helicopters) which was also found to have been illegal. Attempts have been made to force Australian ISPs to report illegal downloading in order to facilitate legal action by copyright holders but without much success and, although legal cases against Australian downloaders are not as common as those against American downloaders, torrenting and illegal downloading without adequate precautions expose users to risk. Given the widespread reporting of Australia’s preference for downloading Game of Thrones it is clear that many Australian Internet users are not taking adequate precautions. For “ordinary” users the possibility of legal action and having your private information exploited for advertising is a major and insidious threat.
In an age of outrage and over-reaction it is also advisable to be security conscious at all times to eliminate the risk of being doxed: the same information that governments use to monitor and arrest Internet users is often the same information used by individuals and groups to expose and/or embarrass their targets.
Security, Cryptography and Anonymity
This course is designed to be used by Internet users of a moderate competency and is written in such a manner to allow users to progress at their own pace; links to further information will be provided where possible to prevent this course becoming overly complicated and detailed. The course is divided into three sections (Security, Cryptography and Anonymity) that will instruct users on such topics as Internet tracking, secure data storage and deletion, HTTPS and certificates, Tor and security culture. There are also pages with links to other security guides and advice and software that can help you ensure greater security on the Internet.
Security – Protecting your Data and Equipment
Cryptography – Securing your Communications
Anonymity – Hiding your Identity