clock menu more-arrow no yes

Congress isn't protecting you from the NSA. Here's how to do it yourself.

Barton Gellman/Getty Images

One year ago, Americans started learning about the true extent of domestic surveillance by the National Security Agency. Thanks to documents provided by former NSA contractor Ed Snowden, we learned that the NSA was collecting records of every phone call we make, could access our email and social media accounts, and was snooping on our traffic as it flowed across the internet.

Many people hoped that Congress or the president would rein in the NSA, but so far that hasn't happened. Instead, a coalition of technology companies and civil liberties groups are taking matters into their own hands. They're urging users and programmers across the internet to take steps to make it harder for the NSA to spy on everyone. The one-day campaign, occurring today, is called Reset the Net.

Who is behind Reset the Net?

The campaign has broad support among technology companies and civil liberties organizations. Tech companies such as Google, reddit, Twitter, Yahoo, Dropbox, and Mozilla are on board. So are the Electronic Frontier Foundation, the ACLU, and Amnesty International.

What are the goals of the campaign?

Reset the Net is a campaign to encourage the use of technologies that make the internet more resistant to NSA snooping. It has two components:

  • Ordinary users are downloading the Reset the Net Privacy Pack, which contains secure communications software that will make it more difficult for the NSA to intercept your communications.
  • IT professionals are pledging to take steps to make the websites, networks, and other systems they operate more secure against NSA snooping.

For the most part, large tech companies like Google and Yahoo have already taken these steps, though their participation in the campaign helps to raise its profile. The goal of the campaign is to convince smaller websites and individuals to take steps to secure the net against snooping.

What does Reset the Net recommend I do to protect my privacy?

For your cell phone, Reset the Net recommends ChatSecureTextSecure, and RedPhone. As the names suggest, these products enable users to communicate securely over instant messaging, text messaging, and voice calling. Reset the Net also encourages users to set a password on their phone so its contents can't easily be accessed by criminals or the police.

For your Mac or PC, the bundle includes secure instant messaging software (Adium for Mac or Pidgin for PC) as well as Tor. Tor is software that helps preserve your anonymity by allowing you to browse your address without revealing where you're browsing from. Users are also encouraged to activate full-disk encryption.

Finally, Reset the Net has tips for improving password security. You should avoid re-using the same password on multiple sites. Instead, keep track of your passwords with a password manager or just write them down on paper.

What is Reset the Net asking IT workers to do?

There are a number of steps that IT workers can use to harden their websites and other IT systems from NSA hacking. One of the most important is to enable SSL encryption, which protects communications between users and the websites they browse. Major online services like Gmail and Facebook already use SSL by default, but many other websites don't use it yet.

Can better technology really protect against NSA snooping?

Modern computers are so complex that it's almost impossible to make them hack-proof. So if the NSA wants to hack into your computer badly enough, it can probably figure out a way to do so.

But this kind of custom hacking, performed by the NSA's Tailored Access Operations (TAO) unit, is labor-intensive. An NSA operative needs to personally probe your computer to figure out which vulnerabilities to exploit. So the agency is only going to go to the trouble for high-value targets.

This is why the NSA prefers to intercept unencrypted communications. When information is transmitted "in the clear," the NSA can collect it in bulk and store it for later analysis.

So widespread use of encryption won't stop NSA spying altogether. But it will force the NSA to be more selective, focusing on real threats instead of indiscriminately vacuuming up everything the agency can get its hands on.