In these frightening times when the American government is spending untold billions spying on its citizens and where the PATRIOT Act continues to infringe on civil liberties, I thought I’d share with you some of what I’ve learned about personal protection.
Before I begin, let me first say that everything I am telling you comes from public sources and I am not telling you anything new. Secondly, this information is not intended to be used to hide or mask criminal activities.
The primary purpose of writing this article is to educate you as well as provide some help in keeping your activities anonymous and keep your name off of governments watch lists and help protect you from malicious internet users.
ISP = Who Am I – Every time you’re logged onto the internet, your computer is assigned a sort of “nickname” called an ISP address. The ISP parts means “Internet Service Provider” and that is the people who you are dialing, cabled to or using to access the internet.
What does your ISP reveal about you? Well if you go to this website, it will show you. Mine shows that I’m coming from Bucharest Romania, which isn’t true as I’m in a different city. But it does show the name of my ISP and where their office is located, which is accurate.
Every single time you visit a website, they see this ISP address and they see the information about yourself that you just saw. It doesn’t list your name and address but if you’re connecting from work, they can narrow down fairly well which company or agency of the government you’re working for.
There was a recent scandal involving members of the House and Senate (or their staffers) editing Wikipedia articles about themselves. Wikinews used the ISP addresses to track the people who edited the articles back to the people who did it in a remarkable feat of citizen journalism.
Usually when you log onto the internet, your ISP assigns you a slightly different ISP every time. Do not think that this happens on a daily basis however – sometimes the ISP addresses are rotated once a month or even less frequently. Anyone trying to track your ISP address can assemble a list of all the places you’ve been, which may include places where you’ve accessed sensitive stuff (like bank records), private places you don’t want anyone to see (like porn or software theft sites) or websites with controversial or partisan material.
Let’s say your ISP address is 100.100.100.100 for a month. Getting access to search records (like those on Yahoo or AOL) can see that this ISP address checked BBC News, Booman Tribune, Bank of America and Young Naked Teens websites. If you’re using your company computer, a malicious person could cause you some trouble. If it’s the government monitoring you, they will get an idea of what kind of person you are (or are presumed to be). That’s what data mining software does – enormous amounts of data are sifted to reveal “suspicious” activities or actions.
Be aware that your ISP address is also revealed whenever you send email from most programs, especially Microsoft’s Outlook. When you use your browser to send email like Hotmail directly from the webpage, then your ISP address is not revealed. Using other programs like Instant Message software ALSO broadcasts your ISP address.
Anonymous Surfing – It’s very possible to hide or “mask” your ISP. I had to do it this week for a legitimate purpose. You can use what are called “proxy servers”. Essentially this means you connect your computer to a proxy, which has a different ISP, and all your web searches are done via the proxy ISP address. So if your real ISP address is 100.100.100.100 and you log onto a proxy server address with 200.200.200.200, then all the websites you visit will register you as the 200 ISP not your real one.
You can also “daisy chain” proxy servers, linking to proxy server 1 then going to proxy server 2 then going to proxy server 3 then going from there to surf the internet. If that sounds slightly complicated, it is. Luckily there are both software programs and websites which will do all the technical work for you.
Go visit a website like Cloak-It and then visit this website again. You’ll notice that the information is dramatically different. There are software programs to let you use proxy servers automatically, including daisy chaining them as well as switching your proxy server every 5 minutes.
Be aware however that your internet provider, the company you’re connecting to, ALWAYS knows what you’re doing. Even if you are successfully masking yourself or hiding your real ISP address from other websites, the company you’re using to log onto the internet knows exactly who you are and where you’re going. And under the PATRIOT Act and other legislation, they can and DO give this information to the government upon request.
When I say “request” I mean it’s as simple as an oral request or one faxed in to the company. I’ve written many such faxes and it takes just a moment to get the information and there’s no warrant necessary. And trust me, the internet provider has everything you’ve ever done including all the emails you’ve ever written.
But for the government to get this information it has to go to the effort of directly requesting it. Surfing anonymously protects you from data mining programs, not from direct government surveillance.
The only way to truly use the internet in an anonymous way is to use a public computer, such as those in the library, or else to connect to a wireless internet via someone else’s account. These can be lawful, such as those “hot spots” provided by coffee shops or else illegally, such as using your neighbor’s wireless internet. Since that is unethical, I won’t tell you how to do that.
If you yourself are using a legitimate wireless connection to get on the internet, make sure you are protected, otherwise someone else may be able to log into the internet. And all of their actions will look exactly like you are the one doing it.
Viruses, Trojan Horses, etc – There are a number of malicious programs out there, often called viruses, worms, Trojan Horses, etc. whose sole job is to get onto your computer and do something you don’t want done. Sometimes these programs execute relatively harmless “pranks”. Much more often however they are used to turn your computer into a re-broadcaster of the malicious program.
Some of these programs are called “malware” from the Latin root for “evil”. Sometimes they use your computer to send out millions of spam emails or use your computer’s brain to run complex programs that are cracking passwords. Other programs actually let someone else remotely control your computer, which is especially dangerous as they can record and view you using your credit card to purchase things online or access sensitive stuff like bank records.
Sometimes these programs are sent to you (intentionally or accidentally) via emails. Others sneak onto your computer when you visit certain websites, as they trick your computer into thinking you gave permission to download them. Others look like innocent games or “clean” software, tricking you into downloading them. The point is, if you don’t recognize the email sender, if you don’t trust the webpage you’re on and if you’re not sure about something, don’t download it.
How can you protect yourself? Well the first thing you need to do is make sure your computer is clean. You need up to date anti-virus software that’s running all the time. You also need programs which check for “spybots”, “adware” or “malware”. I myself use Avast!, Spybot Search & Destroy and Ad-Aware, all of which are available free for personal use. These three types of programs will help keep your computer free of any unwanted programs monitoring you, spying on you and selling your data to other spammers and criminals.
What about a firewall? A firewall is a program which is like a shield between the internet and your computer. Once your computer is clean of unwanted software, it’s time to install a firewall. Many malicious hackers take advantate of open “ports” or parts of your connection to the internet to sneak software into your computer. I had over 1,000 attempted attacks on my computer blocked within 24 hours of installing my firewall. If you don’t use a firewall then I recommend you immediately start using one.
There are a number of free ones out there for personal use. I myself use Zone Alarm. It’s a little tricky to set up and understand for the computer beginner but don’t let it intimidate you. Once it understands which of your programs are legitimate (like your browser) then it’ll run very smoothly with little interruption to your regular internet use.
What About Emails? – As I already said, anyone receiving one of your emails will know exactly what your ISP address is unless you are hiding or masking that. If you’re writing to your grandmother, it’s not such a big deal but there are other times when you might want people not to know that information.
Emails are not delivered in the same way a paper letter is. A paper letter goes from you to your post office to another post office to another person who sticks it into a mailbox. The letter itself is moved around but it remains whole while in transit.
If an email were a paper letter, then it would be delivered by you whole to your post office (internet provider) then cut up into little tiny strips. One strip would be mailed to Houston, another strip mailed to South Africa, another to Cambodia. Finally all the strips are sent to the last post office, which re-assembles them into an email.
If an email were a paper letter, then the envelope would be removed as soon as it got to the post office and the contents easily viewable by anyone who handled the letter in transit. If you’re mailing Grandma, then it’s probably not such a big deal. But if you’re revealing sensitive or private information, you might not want people to read it.
One solution is called encryption. Essentially this means you scramble the contents of the email into meaningless garbage before you even take it to the post office (internet provider). It’s the sent to the recipient in the normal, unprotected way but anyone who sees it will just see scrambled nonsense. The person on the other end has the key to de-scramble your email and so only they will be able to read it.
This is a little complicated but again there are software programs which will do all the work for you, including some that cost very little or are free. If you’re communicating with someone and want to keep it private from the government or criminals, you should be using encrypted email.
But what if you’re not writing to your super secret buddy? What if you want to write a completely anonymous email to someone? Well there are also anonymous email software programs and anonymous web email hosts. For free or for a low fee, they’ll let you receive and send email that doesn’t have any connection to you or your ISP address. Of course, as always your internet company knows everything you’re doing but if you encrypt the email before sending it, they CANNOT read it.
What about keeping spammers off your back? Sometimes you have to use an email address to sign up for mailing lists and maybe you want to give them a fake address that actually works. I recommend that everyone give fake email addresses anytime you’re not directly corresponding with a person, i.e. for website and mailing list registrations.
A completely free and easy to use website that will do this for you is Spam Gourmet. It takes 2 minutes to set up and you will have an unlimited supply of fake email addresses to give out which actually work while shielding the other person from knowing your real email address.
What Are Cookies? – Well this kind is not for eating. Just about every websit you visit nowadays wants to put a “cookie” in your web browser. It’s a little data files that lets the website recognize you. For example, if you regularly visit a website like Booman Tribune, a cookie is a good thing because it will recognize me as “soj” and I don’t have to even enter my password to log on.
However all those other hundreds or thousands of websites you’re visiting will be tracking you with a cookie as well, if you let them. For a great introduction and explanation of what cookies are, see here. You can make adjustments in your browser to determine which websites have permission to use “cookies”. My recommendation to you is do not let ANY website you do not trust set a cookie.
Tracking Files – Your computer, especially if it uses a Microsoft operation system, keeps THOUSANDS of files listing where you’ve been and what you’ve been doing. Sometimes this is useful, for example the “History” function of your browser, if you’re trying to figure out where that article you read was yesterday or last week.
I will tell you right now that clicking to “erase” your history and visited webpages log does NOT actually erase those files. Microsoft Windows (all versions) keeps a super secret log of these in a location that you cannot even view (and therefore delete) from Windows itself. The only way to erase them is to go into the DOS mode directly and find them, and you’ve got to know where they’re located. The first time I did this I found something like 20,000 webpages listed there that I had visited and thought were “deleted”.
Your boss, your jealous spouse or partner, your coworker, the government or a malicious hacker can find these files if they want to even if you can’t. Finding and deleting them takes some real computer savvy but luckily there are programs which will delete these files (for real) for you. See here for a list of free programs you can use.
I highly recommend that you use software to remove these files even if you live alone and have “nothing to hide”. There are always malicious programs out there that could get on your computer and access this data, and some webpage URL’s unfortunately contain personal information that you wouldn’t want someone else to have.
Deleting Other Files – Just because you click “delete” on any file doesn’t mean it’s actually deleted. If I decide to delete a program on my computer called RomTalk for instance, the computer doesn’t actually look on its hard drive and erase anything. All the computer will do is say, “hey remember where RomTalk was? Now it’s ok to store new data there”.
This means that someone else can look on your computer and find most of what you thought you deleted – often enough is left over to completely re-assemble the files! You might want to sell or donate a computer to someone and if your files are not really and truly erased, that information can be recovered. For a list of free programs to help you TRULY delete those files, see here.
Note: Just because you hit “delete” in most email programs doesn’t mean that the file is actually deleted. It’s often stored in a hidden area in case you want to “un-delete” it. If you’re using Outlook, click on “Compact Mailbox” as this will actually delete the emails you want deleted. Of course the deleted emails can be re-assembled unless you use a program that truly deletes files.
Phone Calls – I want to say a couple of words about phones. To begin with, any “land line” or home phone connected to the wall with a wire is under the full control of your telephone company. The main landline companies have more or less admitted that they let the NSA tap into these lines so never use them for anything you want to be kept completely anonymous. The telephone company might not record the conversation itself but they will definitely track which numbers you’re calling and for how long you spoke.
Your cell phone company is more or less doing the same thing. Depending on how dense the population is where you use your cell phone, they can also track your physical locations to within a certain degree of precision. A recent court case “won” by the federal governement stated that they can ask the cell phone company to provide logs of your physical location with no warrant necessary.
Even if you’re not talking on your phone, as long as it is powered on, it is communicating with the nearest tower. Therefore whenever it is turned on, the company has a rough estimate of where the phone is.
The FCC has mandated that all new cell phones be equipped with a GPS chip that broadcasts your EXACT location when you call 911 for an emergency. Some of these newer phone only broadcast the GPS location when you call 911 while others broadcast it all the time. This means that your location can be tracked much more accurately than ever before and again, the gov’t needs no warrant to do this.
This means that a completely innocent person might be shopping in a store that’s nearby to a protest that the government has under surveillance. If the GPS locator on the phone places the person “at” or near the protest, they might get swept up into one of those secret databases. Again, this is a feature only in the newer phones and you should always check before buying a new phone to see whether it has this GPS locater feature.
One option for anonymous calls is to buy a pre-paid cell phone with cash. These are still tracked and logged by the various cell phone companies but the difference is that they do not have a name to go along with those records. These phones can also be tracked by location whenever they’re powered on as well.
Let me also add here that it’s incredibly easy to listen in on other people’s cell phone (and wireless home phone) conversations. I’ve done it myself without any secret spy equipment. Most cell phones, including “digital” ones, broadcast an open radio signal in the 800 to 900 MHz range. I used to amaze my friends by using my equipment to listen in on their phone calls.
I should add that this is actually illegal to do in most states so check with local laws before even thinking about doing it. I am telling you about it so you are aware that anyone in physical proximity to either your phone or the cell phone tower you’re using can listen in. I did my surveillance with an old scanner. Scanners sold today are blocked from certain frequencies (including these) but you can either defeat these mechanisms using a bit of solder or else buying older models at ham radio swap meets.
Ham radio enthusiasts often conduct “fox hunting” exercises, in which two separate antennas (or a moving antenna) are used to find the source of a radio broadcast using triangulation. Anyone who has a sincere interest in finding your EXACT location while you’re speaking on the cell phone can do so using this method. I’ve seen the FBI do it and it takes about 5 minutes if you’ve got the right equipment and computing power.
The other option for anonymous phone calls remains the public phone. There are Fourth Amendment protections given to people who use public pay phones but in this day and age that protection might have been weakened. Plus it’s getting increasingly difficult to even find public pay phones.
There is one other option to make a semi-anonymous phone call and surprisingly, it involves the internet. It’s a technology called VOIP and involves using your computer to connect to the internet to make a phone call.
There is new legislation from the federal government to force VOIP providers to provide the government the same detailed information (without a warrant) that your home phone and cell phone providers do. Right now however that is still being battled out in the courts so you still have a chance to make anonymous calls.
Currently, the regulations in Europe are MUCH less intrusive than in the United States. Therefore it might be best to use a European VOIP provider to make phone calls although this could be a little expensive if you’re mostly calling the United States.
Furthermore, there are companies (like Net2Phone) which sell pre-paid cards to use VOIP to make phone calls. Since these can often be bought for cash, it’s probably the single best way to make truly anonymous phone calls. That being said, the VOIP protocol is not exceptionally secure from hacking and there have been cases where malicious people have been able to intercept or eavesdrop on VOIP calls.
Probably the all-time best way to use VOIP to conduct an anonymous phone call is by using amateur (ham) radios to enter a repeater network. Essentially you have a radio in your house, which connects to an antenna, which is bounced to a repeater station, which broadcasts to an internet connection, which make a phone call. This takes some pretty sophisticated know-how and a license to use the radio equipment involved. It is however one of the cheapest ways to make international calls.
Hopefully the above will help you understand how to keep your privacy intact and other people out of your personal life.
Peace
Great diary and all very important information.
Do you remember the controversy Microsoft had when it was reported that NSA had a back door built into the operating system for future monitoring and surveillance?
NSAkey I think it was.
Yes I do. Needless to say, the Microsoft operating systems are the worst-designed ones you could possibly find.
Even if the government never spied and there were no hackers, your computer system would still regularly crash from its own inefficiency and poor engineering.
If you want both more security and better design, you need to switch to Linux or other open-source systems. OpenBSD seems to be the one preferred by security conscious users.
However switching operation systems is a majorly advanced task and too difficult for most casual internet users.
Pax
If I did that, I would get so many anonymous cards and calls telling me how much I’m missed I’d be overwhelmed.
š
Ok, you can find better information about your ISP and IP address (Internet Protocol Address) at DNS Stuff. You can find plenty of tools there. What you find about your ISP there can be found by everybody else. If I check Yahoo.com I will get all those stuff and even more:
Registrar: EMARKMONITOR INC. DBA MARKMONITOR
Status: REGISTRAR-LOCK [the normal status for a domain when it is locked]
Dates: Created 18-jan-1995 Updated 22-jul-2005 Expires 19-jan-2012
DNS Servers: NS1.YAHOO.COM NS5.YAHOO.COM NS2.YAHOO.COM NS3.YAHOO.COM NS4.YAHOO.COM
Registrant:
Yahoo! Inc. (DOM-272993)
701 First Avenue
Sunnyvale CA 94089
US
Domain Name: yahoo.com
Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com
Registrar Homepage: http://www.markmonitor.com
Administrative Contact:
Domain Administrator (NIC-1382062) Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
****@yahoo-inc.com
+1.4083493300
Fax- +1.4083493301
Technical Contact, Zone Contact:
Domain Administrator (NIC-1372925) Yahoo! Inc.
701 First Avenue
Sunnyvale CA 94089
US
****@yahoo-inc.com
+1.4083493300
Fax- +1.4083493301
Created on…………..: 1995-Jan-18.
Expires on…………..: 2012-Jan-19.
Record last updated on..: 2005-Aug-11 15:05:12.
Domain servers in listed order:
NS4.YAHOO.COM
NS5.YAHOO.COM
NS1.YAHOO.COM
NS2.YAHOO.COM
NS3.YAHOO.COM
Domain: Address
http://www.yahoo.akadns.net. A IN 60 216.109.117.106 http://www.yahoo.akadns.net. A IN 60 216.109.118.69 http://www.yahoo.akadns.net. A IN 60 216.109.117.107 http://www.yahoo.akadns.net. A IN 60 216.109.118.74 http://www.yahoo.akadns.net. A IN 60 216.109.118.76 http://www.yahoo.akadns.net. A IN 60 216.109.117.110 http://www.yahoo.akadns.net. A IN 60 216.109.118.68 http://www.yahoo.akadns.net. A IN 60 216.109.118.70
You can get a list of proxies to use and download free virtual proxy server agents for anonymous browsing at:
Samari
Public Proxy Servers
Stay Invisible
Web site logs:
When you visit a web site the server can (at the option of the owner) keep a record of your activity. The most common items recorded:
Time and date of visit, page requested, IP address of computer making request, how the page was reached (that is via a clicked on hyperlink, or via a search engine), if a search engine-what the search terms were, various other bits like the size of the page delivered and if the request was sucessful and the browser being used.
Here is a random line from the web log of my site, for example (I obscured the IP address):
68.191.YY.XX – – [11/Feb/2006:12:49:08 -0500] “GET
/tips/5400_pos_options/images/scan_as_positive_photoshop2.jpg
HTTP/1.1″ 200 93892
“http://robertdfeinman.com/tips/5400_pos_options/pages/scan_as_positive_photoshop2.html“
“Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Most of this is used by site owners to track usage either for performance tuning or commercial purposes. One of the most interesting pieces of information that is not captured is where you go next.
Unless you click on a specially configured link, like the ads shown here, where you go next is not known. There is a proposal to enhance the html language specification to add this feature as well.
Another thing that is recorded, as has been revealed in press releases recently, is the amount of data the search engines keep about each search you make. You can combat this somewhat by deleting the cookies left by the search engines, but then any customization you set up for the site will be lost.
The whole issue of how much search engines control the flow of information is discussed in my essay here:
Google Monopoly
The issues with Chinese censorship makes this even more revelvant today.
Have you done more research into the privacy issues of the gmail service?
Are you familiar with the proprietary WebTrends?
Privacy and email is hopeless. If you have your own server you can set up an email service on it. Then email sent to your machine will be stored locally on the machine until it is fetched by the person reading it (presumably on a client PC these days).
For those using a commercial web-based email service like Gmail or one provided by their ISP the email is stored on the service’s machines.
Even if you run your own server, email is not always point-to-point, but is more like store and forward. So there may be many machines between the end points where the mail is held until the next machine is available to receive it.
Most large services (and private companies) now backup and save all email that passes through their machines (in either direction). There are even certain legal requirements to do this. That’s why the disappearance of some emails from Cheney’s office about the Valerie Plame affair may be evidence of a crime.
Things like the Abramoff situation may make people more careful about what they put in emails in the future, but, apparently, many still don’t realize how much of their communications can be recovered.
One of my current interests has to do with the fact that the intelligence agencies like NSA are only good at finding information from those playing the same game. Clandestine groups that don’t use the internet or telephones, but rely on older means like hand delivered messages and trusted couriers are going to remain undetected. This is why the world’s intelligence agencies can’t prevent bombings like those in Spain and London.
I agree with all of your comments on email.
The other comment made about the attacks brings up an interesting point. The push by Bush to maintain secrecy seems odd considering these companies aggressively market this technology in the public sector. That almost says the reason for surveillance is something else.
Considering the power of datamining and the anomalies surrounding mthe stories of the suspects (Tube attack), it looks more like the suspects were s picked from preselected matching criteria and the case built around them.
Having your own server does not guarantee you protection. The agencies can always say you are terrorist simply because you criticise, come with or without warrant and duplicate your HDD and logs. Than to return your server empty. Private servers are being constantly confiscated, one of the most famous cases being the seizure of two UK-based servers of the Indipendant Media Center in 2004.
I am thinking on writing a diary about such attacks against the press.
I had just mentioned the Indymedia servcer seizure in another diary last night. The issues of govt control of the Domain Name Servers, routers, pen register trap and trace, URL redirects, trojans, malicious scripts and a whole cache of vulnerabilities need to be discussed more.
Please do.
This might be way outside the range you want to cover, but the surreptitious attempt a few years back to take over the Pacifica Radio network’ board almost succeeded. Not the FBI, but an intriguing cast of ‘private’ characters involved.
I’ll make three brief points and then withdraw from the “discussion” at hand:
You must remember that there are literally billions and billions of website searches and emails exchanged daily throughout the world–and the government, despite its best efforts, simply cannot track them all. The government might target certain websites for surveillance, but the chances of the government finding any useful information in that way is like searching for a single minnow in the Pacific Ocean. Theoretically, it could happen, but the odds are very long.
This is not to say that being “watched” electronically isn’t disquieting, but rather to point out the futility of attempting to do anything about it, as well as the relative futility of the government engaging in such surveillance in the hopes of preventing terrorism or even quashing domestic dissent.
What is far more likely to happen is that prominent dissidents (think Cindy Sheehan, for example) will be targeted for surveillance in a Nixonian-style COINTELPRO operation. And the solution, as always, is not technical but political.
We have to stop looking for INDIVIDUAL solutions (loading this software or that software onto your computer) to COMMON problems.
Government attempts to spy on us ARE a civil liberties issue–but one that must be addressed through a common, political solution, not pursued individual.
I should mention I made somewhat of a boner… your ISP actually assigns you an IP address, not an ISP address. Not that this changes the information any š
Excellent comments on this thread!
Pax
Another subject that comes up is the use of routers or accessing the internet from a local area network, the use of a single ip address for the router/hub/switch and the association of multiple PCs behind the single assigned IP address.
Great diary, as always, soj! Some of this I was already familiar with previously, but you really taught me a thing or three more than what I knew! Was glad to see you mentioned several programs I’ve been using to ferret out/prevent spyware… as I feel they work well too. Are you familiar with a program called “eraser?” I think I dloaded it free from download.com, and it’s a handy little utility that will erase data you choose by making many many passes over the sectors until all is (supposedly) gone. Just a suggestion, but perhaps you already knew this. Thanks for posting this very informative diary!
So, according to the information provided, one could actually be residing in the United States and merely pretending to be in another country? I could be in Virginia and pretending to be in a European country like Spain…or Italy…or even Romania.
Fascinating…….
Yes, it works. You can pretend to be from whatever country you find anonymous or highly-anonymous proxy. However, it also depends on the ISP you use. I am not that sure if its going to work that good (or good at all) with AOL.
In a period of 10 minutes I’ve been to India, UK, Russia and South Africa.
Do you find that you get a lot of advertising for travel services?
I used the tips that Mr. Soj provided and changed my IP address so it looks as if I’m posting this from Romania…even though I’ve never set foot in that country!
I never did any masking or ‘spoofing’ like that but if I did I’d choose either McLean VA or Tampa FL for some extra fun.
š
My opinion of the subject is that the only way to be anaymous on the internet is to unplug the connection. There are too many breadcrumbs and gatherers to avoid success. My input on this subject is to heighten awareness of how it’s done, how it can possibly be used/exploited and where it might lead.
People should at least be aware of what’s going on–but true anonymity on the Net is beyond the technical capabilities of just about everybody…I don’t know if ANY private individuals who’s not Larry Ellison or Bill Gates has the money to make his Net communications entirely private (and perhaps not even then).
However, the solution to privacy is a political one, not a technical one, as I stated above.
My awakening was in 2001-02 when I kept finding laws to prohibit encryption or masking that was so good the govt would be unable to crack it. At that point, it was easy to accept that all activities are monitored.
In theory, it would be prosecutable to suggest ways to avoid surveillance. I do think it’s possible to monitor all activity. The govt/agencies could not monitor each purchase but a monitor system that scans each transaction automatically is realistic.
What happens when all applicable Ebay and/or similar system users start getting notices from the IRS for failure to report? What if unstructured text analysis shows an innocent stock tip from the past to look like insider trading? What if the same technology picks up on the average innocent white lies that some zealot decides is fraudulent activity?
I always have lots of questions. What elected officials are looking out for these possibilities?