How to protect your SMS text messages from the NSA

Why

Because the NSA and GCHQ have been revealed to be collecting (and keeping) all text messages we send/receive on our mobile phones: http://www.theguardian.com/world/2014/jan/16/nsa-collects-millions-text-messages-daily-untargeted-global-sweep

If you are thinking “so what? I have nothing to hide“, feel free to share your thoughts in the comments area below. To prove that you really have nothing to hide please also include your full name and home address.

How

Are you using an Android phone? (if you’re not sure, look for a “Google Play” icon somewhere, it looks like this:

Google Play logo

If you’ve got this icon, you are using an Android phone)

  1. Install the free TextSecure app by OpenWhisperSystems.
  2. Tell all your friends with Android phones to do the same.
  3. Open the TextSecure app and setup a very simple password – don’t worry, you will disable it immediately.
  4. Hit the “menu” button -> Settings -> select “Disable Passphrase”
  5. That’s it! Now text your contacts as normal. If any of them happen to be using TextSecure, the app will ask them:
    You have received a message from someone who supports TextSecure encrypted sessions. Would you like to initiate a secure session?
    They should click the “Initiate Exchange” button.
  6. Any messages you send or receive from your TextSecure contacts with whom you have “Initiated Exchange” will now be encrypted and unreadable to the NSA and their friends.

No Android phone? In that case you are out of luck. You cannot currently protect the content of your SMS text messages. Might be time to complain to the phone manufacturer for some built-in privacy features for a change?

The best alternative you have right now, if you have a data plan and can be connected to the Internet most of the time, is to use the free ChatSecure app by The Guardian Project. ChatSecure gives you unlimited instant messages (IM) with your friends. Unlike WhatsApp, Viber, Google Hangouts, Facebook, Skype, Y! messenger etc, ChatSecure can make your messages unreadable to the NSA and their friends. ChatSecure works on Android phones as well as iPhones.

Note: Even when using TextSecure, the NSA (and your mobile service provider) will know who you texted and who texted you. This “metadata” cannot be hidden, it’s just the way the SMS texting service works. The best you can do right now is to hide the content of your text messages, and TextSecure does that very well.

It’s (crypto)party time!

With our advanced free democracies resembling George Orwell’s “1984” more and more (your TV is spying on you, NSA global mass-surveillance, pre-crime repression of free speech  etc), there surely couldn’t be a better time to throw a CryptoParty!

Where?

New Academic Building
Goldsmiths, University of London
New Cross
London SE14 6NW
(OpenStreetMap)

When?

Saturday 30th November, 11am onwards

Cost/audience

The event is free & open to the public. Anyone who worries about the privacy and ultimately freedom of expression of their loved ones should attend.

Great lineup of speakers/presenters – check out the event schedule!

I will be doing a few workshops on mobile device privacy, encrypted Internet phone calls and using a computer without leaving any traces behind.

If you’re around on the 30th, join us for a day of practical tinkering with privacy tools!

…and here are the slide decks of the workshops I ran:

Qubes OS – a secure operating system: https://apapadop.files.wordpress.com/2013/12/qubes1.pdf

TAILS – This session never happened: https://apapadop.files.wordpress.com/2013/12/tails1.pdf

VoIP- Private voice calls: https://apapadop.files.wordpress.com/2013/12/voip1.pdf

Mobile privacy – how to keep your smartphone communications private: https://apapadop.files.wordpress.com/2013/12/mobile5.pdf

OTR – a gentle introduction to chatting Off The Record: https://apapadop.files.wordpress.com/2013/12/otr1.pdf