It’s not paranoia if they really are out to spy on you

The Thinker by Rodin

President Obama says that no one is reading your email. Maybe not in my case because most of my email is not particularly interesting, but I sure as heck don’t like that the government is collecting huge amounts of metadata about me. Metadata (data about data) is really equally as interesting, if not more so, than actual emails and Facebook posts that you make.

Supposedly a secret court oversees all this. But it’s not a good omen when this court rejects only a handful of requests a year, and approves thousands of others. It’s not comforting to know that Big Brother is indeed watching me to keep me safer and that President Obama is as complicit in this mess as everyone else. Most of Congress has little idea what is going on, and those that do are sworn to secrecy. Being vested members of the system, they will have a natural tendency to think that government’s security needs will trump your right to privacy in your daily affairs.

I could possibly be okay with non-US citizens being monitored by the government but not me, no way, not without my explicit consent. I am a citizen, and I have freedoms and an inherent right to privacy. It’s in the Bill of Rights: freedom from unreasonable searches and seizures, a.k.a the Fourth Amendment. Any Supreme Court worth its salt would reject Project Prism, identified in leaks by Edward Snowden, as wholly unconstitutional. But it is clear that the NSA is sniffing pretty much every packet of data it can get its hands on, not to mention telephone records, and putting all the metadata into huge hosting centers, and maybe your data as well. It’s not even clear that even with a legal prohibition they would actually stop.

Like many Americans I will be working to enact laws to get the government out of the proactive data collection business of U.S. citizens altogether. I have to admit that the probability of my success is rather low, but it would help dear reader if like me you holler like hell at your elected officials. They need to understand that this is not acceptable at all. And if you are cool with the government reading your email and tracking your online behavior then by all means give them permission to do so. I never did.

There have been a number of depressing articles recently about just how easily the government can collect information about us. Of course, it is not just the government. We are already deeply in bed with services like Google that make fabulous search engines and great email in the cloud products, while developing uncannily eerie portfolios of our behavior more valuable than years of babbling to a clinical psychologist.

If like me you are fed up, you might try a few ways of fighting back. Here are some I know about from reading, my experience and that very useful course I took on networking in graduate school.

First off: email. I am guilty of using Gmail. It sure is convenient to have a decade or so of email in the cloud, accessible anywhere I go. However, if you really want private email, you are going to have to pay for it. More importantly, you need an email host not located in the United States. This way when they get a subpoena from a U.S. court they can just laugh. You pay them so they don’t start serving you advertisements and developing their own psychological profile of you. There is no completely risk free solution, but you need to avoid all the cloud email services and that includes GMail, Yahoo Mail, MSN, Hotmail and the like. Here’s one to try: hushmail.com. They are located in Canada and all email is sent via Secure Socket Layer (https). You can use their free web email but if you prefer secure POP or IMAP access, you got to pay them. Their premium package is $34.99 a year. It’s money well invested. Of course they do have some limitations. You can’t use it for sending out spam or for any illegal purpose, at least for any illegal purpose applicable in British Columbia. And for their free web mail, if you don’t log in at least every three weeks, they’ll remove your account. If you do have a hushmail.com or similar type of account, don’t advertise it on your web site or business cards. You don’t want the NSA to associate you with it.

Like to instant message? Don’t particularly like having the NSA able to listen in? What you need to do is nag your chat partners to use encryption. Of course many providers already provide that, but if they can decode it on their servers when sending it between parties then you are vulnerable. You need a chat client with OTR (“off the record”) functionality. Basically you and your recipient exchange cryptographic keys each of you generate and trade them using the protocol. It takes a little bit of effort and you may have to convince your friend to use Adium (Mac) or Pidgin (PC and other operating systems), and then show them how to use OTR. It’s a relatively painless one-time thing between two parties. Your instant messaging provider won’t be able to decrypt it, and neither will the NSA.

Who doesn’t like surfing the web? You may not like it as much if you can’t use your favorite browser, but if you can deal with Firefox you can install TOR, a browser endorsed by Edward Snowden himself. TOR is a customized version of Firefox with privacy enhancements, so it is built on top of an open-source browser. Essentially it proxies traffic between frequently changing servers, making it hard if not impossible for your browsing to be associated with your address on the Internet. I tested it yesterday. I admit it is a bit slower working through a proxy and some of the security features are annoying (it doesn’t want to retain links or easily import bookmarks). But used religiously and you will seem a G-rated person to the NSA even if you live an R-rated life.

Like your cellular phone service but want it secure? Look into Silent Circle. You can also use it for secure messaging, video chats and email. Also look at Redphone software. Curiously, Redphone was developed with your tax money.

What else can you do? If you don’t like turning over private aspects of yourself you could be very brave and delete your Google, Yahoo and other cloud-based accounts. Remember, the government could request these services to give you all their metadata. I’ll grant you that deleting these accounts is hard because they are so convenient. So save those services for the truly vanilla stuff you wouldn’t mind putting on a postcard.

On my list of things to do is getting rid of accounts on sites that provide specialized services. I mentioned mint.com earlier this year. It’s a neat site but it knows too much about me, including all my account numbers and passwords. It’s going to get deleted soon. I’ll keep my financial stuff in Quicken on my home computer. I’ll backup my files to a spare external hard disk, which is easy enough using my Mac and TimeMachine.

Six years ago I mentioned TrueCrypt. It’s a great way to encrypt your whole hard drive, so even the NSA can’t read it. With many operating systems you can do this with a simple command or two. Look into it.

Mobile devices have all sorts of security issues. At a minimum you can try to use secure socket layer when communicating. Many of the solutions I mention above have mobile equivalents. Use them if you can or keep your mobile life boring and G-rated.

Thanks to Edward Snowden, our worst fears have been confirmed. There is no reason to let the government know more about you than your spouse, but that potential is there. You are being sniffed, cataloged, indexed and, perhaps without a court order, having your digital content analyzed for subversive behavior or anything the government wants to learn about you. Join me in yelling like hell but don’t be a patsy either. Do what you can to keep the government out of your digital life.

Minted

The Thinker by Rodin

Financial planning is supposed to make your life easier, but it is definitely a hassle. It becomes more of a hassle when you old financial planner has faded away and you feel the need to find a new one. Our new planner has his own ideas about what it means to have your financial life properly planned. It means financial assessments, many client meetings and writing three and four figure checks to our financial planner. Finally you end up in a new place, with your financial life not necessarily simpler, but at least orderly and following a sound financial strategy. And hopefully, you have less anxiety about whether you will be eating dog food in retirement. To lessen the anxiety, your planner generally provides a nice binder with pretty charts, words and numbers in it. In my case, the charts even came colored.

One thing that’s new with this financial planner is that we have most of our investments centralized in a brokerage. I chose Scottrade though I am sure there are other good and cheap brokers out there. Like lots of things related to getting your financial house in order, it’s a huge up front hassle for a long-term benefit. In our case, it meant setting up four separate brokerage accounts (one joint, one traditional IRA for me, and two IRAs for my wife, one traditional, one for rollover IRAs). It meant shuffling papers to the investment firms that gave them permission to let Scottrade buy and sell for us. It meant signing another form so one account could access all the other accounts. And it meant $630 additional to our financial planner, to make sure all the initial trades were done right. Using Scottrade with my planner looking over my shoulders online in a Skype session also gave me some insight into how day traders work. I felt I needed a set of green eyeshades, but mostly I am glad not to be a day trader. Rebalancing funds once a year is fine with me.

It also has meant becoming acquainted with mint.com, a free online web site now owned by the Quicken people to help you manage your finances. If you are hoping that mint.com will balance your checkbook, unfortunately it won’t do that, at least not yet. This is probably good for Intuit, the company that owns Quicken, because it keeps them selling their core product. However, for doing budgeting, minimizing hassle and giving you insight into your finances, mint.com is very impressive.

It took me only about half an hour to get it set up. I had to create an account then tell it about my various checking, savings and money market accounts. I had to give it my credentials for accessing these accounts, as well as for my various investment accounts. But it was super easy to do this. What really impressed me is that it knew about the Thrift Savings Plan, the federal government’s agency for managing federal employee’s 401K accounts. To track these investments in Quicken, I had to input the information from my quarterly statements, available in detail only online. Quicken, or at least Quicken for the Mac which is what I use, cannot access it electronically. Mint.com though just jumped into it, quickly summarized information by fund type and pulled in the transactions as well. It also let me know how well each fund was performing. Yeah, just like that. Slick!

Mint.com sifts through transactions in all your accounts and does a pretty good job of automatically categorizing your transactions into its budget categories. Then based on your spending it will try to infer a budget for each category and tell you how your spending is going compared to the budget. Of course you can refine your budget manually. Most people though are like me: inherently lazy. Mint.com caters to us inherently lazy people, and seems to get smarter the longer you use it.

In short, for general tracking your spending, investments and liabilities, it’s a great tool. For getting an overall picture of your financial health and tracking your finances over time, it’s slick as well. Unfortunately, it’s not smart enough to categorize everything correctly. You really should sift through your transactions and put the ten percent or so that are not categorized into the correct categories. But this seems to be necessary only for those who are anal. If big picture is good enough for you, mint.com is all you need.

As I noted, it won’t balance your checkbook. So if you need this level of detail, you are going to be using Quicken or one of its competitors. If you don’t bother to balance your checkbook and are only concerned if you might overdraw your account, mint.com will do a good job of watching for when you drop below thresholds and sending you notifications when you cross them. You just have to be smart enough not to write checks that are too large.

In short, it’s a site with a lot of potential, bringing financial organization to the lazy. If it can wholly replace the functionality of Quicken, it would keep me from the hassle of entering most of our transactions into Quicken, potentially saving me huge amounts of time. I would like the site to morph into a complete financial solution, so I can pay bills from the site with a few clicks. It already warns me somehow of when bills are due.

It’s about saving my time so I can do more interesting and fun stuff. Software like Quicken helps make managing my finances easier compared to doing it with pen, paper and a calculator, but Quicken is a huge hassle compared with mint.com.

Hopefully, mint.com will figure out a sustainable financial model. I don’t think it comes from their current approach, which is to serve targeted financial ads. I think it comes from selling services that balance your accounts, categorize your spending in greater details, pay your bills with a few clicks and that help you see the big picture. Maybe someday I can trust it to be my impartial financial adviser. If it can be as good as my financial planner, and be impartial, it could probably save me a lot of money on financial planning as well.