Is using a laptop with wi-fi from the library etc any better (in terms of OPSEC) than having a home Internet connection? We disconnected from our satellite ISP from home a while ago and now only go online from assorted wi-fi connections when we get to town. But is this any safer? What else should I be doing to keep a lower profile? Thanks, - Jeff T.
#1 Son Replies: There are several ways that you can be identified over the Internet. First is though your IP address, and more significantly, through your Internet service provider (ISP). Information on every site you visit and every email you send is potentially recorded and available to an intrusive government.
The other major weakness is through your email and other online accounts. Gaining access to your email, FaceBook, Internet forum, Amazon, eBay, PayPal, bank, or AOL/Microsoft Instant Messenger (IM) account would provide a trove of information to any snoopers. Who you talk to, what you've said, bought, and what you've read. You must keep in mind that anything said over the Internet is potentially vulnerable to being intercepted, even many years after the fact.
Overall, achieving genuine privacy on the Internet is very difficult. If you don't use the Internet at home, then investigations might instead just be directed at your e-mail account. However, if you are under a severely restrictive, technically capable government, public Internet access could be a useful tool for circumventing censorship. But for real security doing this, you should buy a dedicated a laptop computer for this use. If you are in a really draconian situation, then buy a used laptop with cash. Do nothing that would identify that computer with you. Don't use it to log in to your e-mail account or use your home Internet connection. Use public Internet connections, and use it strictly anonymously. This computer will be what you use for visiting controversial web sites, political writing, or sensitive communication. Keep it completely separate from your family and public life, so what you say with it cannot lead back to you. Any access of the Internet through an ISP leaves an audit trail! Leave completely separate Internet fingerprints for your public and private lives! (Addenda: Ben in Tennessee wrote to remind me that computers have unique Media Access Control (MAC) addresses. These MAC addresses can be combined with the IP Address to link the traffic on a network such as the Internet to your network card and thus your computer.)
At the present time, this level of COMSEC applies only in a situation like that in Cuba or mainland China, where censorship is rampant, and there might be repercussions for speaking out against the government. Short of this, in situations where you don't have to be totally anonymous, follow common sense. Use strong passwords. Consider very carefully anything you type or do. Anything can come back to haunt you. Use pseudonyms and secondary e-mail addresses for anything controversial. (It takes just a couple of minutes to set up a Hotmail or gmail account. You can establish and then discard them after very brief use.) Don't use the same e-mail address that you give to friends and co-workers to register on preparedness or political forums.
Keep in mind that the lynchpin to your online identity is your e-mail account. Once someone gains access to your e-mail account(s), then they can gain access to most or even all of your various web accounts. Just think how many times that you've had to be reminded of your passwords via e-mail.