Review: Citizenfour

A reminder, an eye opener

At this point, two years after the stories broke out you must have heard about this. The NSA, Edward Snowden and how privacy has become a meaningless word.

If you haven’t heard about this the documentary, it will serve as an eye opener. For the rest of who have followed the topic is a nice reminder. Also the video recordings of the meetings of the journalists an Snowden are very interesting. It honestly feels like a spy sci-fi movie.

We shouldn’t focus on Edward Snowden

The story is not about him, although the documentary spins around how they met and how they exchanged the information. What’s important here is the revelation of all this information. Heck, doing what he’s done… it can’t be easy.

It’s just not NSA

The movie focuses on the NSA but other governments are doing the same (UK, for instance). We have to protect our privacy, we have to make them know this is wrong you simply can not spy on everyone just because.

Have you seen the film?

Use strong/long passwords

I can’t encourage enough (and you’ll agree with me after you see the film) that we need strong passwords. The computing power of these agencies or other hackers is pretty powerful nowadays. You need, at least, a 13 character password to give them a hard time.

I use my Random Password Generator to create web logins. I store them using 1Password, as they’re impossible to remember.

However, sometimes we don’t need complex password. Sometimes what we think is complex, is in fact not as secure. For those passwords you can’t store or need to use frequently, use a long random word phrase.

HTTPS for websites

At the time of the writing this site is not HTTPS secured (due technical reasons with Github Pages). It means someone could have changed the text of the site when serving it to you.

All sites should have HTTPS

It is not a matter of if the site has payment systems, e-commerce or user login information. It’s about protecting the content you read and preventing other to know what you’re reading.

Hopefully 2015 will be the year of the change, check out Let’s Encrypt. Once this kicks off I’ll move all my sites to HTTPS.

ISP providers

Another issue is the ISP’s the people who you pay for internet access. They, too, are snooping at what you do online, what pages you visit, what you download (P2P).

I’m not a security expert, I know my connection is not 100% private or secure but I take an additional step to protect my privacy: I tunnel my traffic through SSL to my VPS sever

What this means is that I connect first to my server, through a theoretical encrypted connection, and then I surf the web. With this I hope the ISP won’t know what I’m doing, at least not so easily.

We can’t be paranoid

It’s easy to enter a paranoia mode, in reality if you want total privacy you should get offline. Throw away your phone and use face-to-face communications from now on. But we all know that’s impossible nowadays.


Leave a Reply

Your email address will not be published. Required fields are marked *