It’s a year since the name Edward Snowden became world famous and a year since we learned that the USA’s National Security Agency has infiltrated the internet like an aggressive fungal mycelium.
In the time since then, the internet population has tried a variety of treatments to rid itself of the newly discovered but deep-rooted infection.
Some people looked to their politicians. Unfortunately the organs of power in the USA didn’t have much appetite for strong medicine.
At the very height of the scandal, the US congress opted to ignore the problem and, in the political equivalent of avoiding the doctor to shield themselves from bad news, declined to limit the NSA’s data collection.
Things have looked a little less unpromising of late but laws passed by congress to protect US citizens from their own government (rules that rely on spies obeying the law) are no salve for the 96% of the world’s population that live outside US borders.
Some zealous private citizens tried to starve the infection. Recognising that even malign living things need water, they attempted, unsuccessfully, to dry up the well and overheat the NSA’s unbelievably thirsty data centres.
The first acts of the tech community were no better. The organisers of DEF CON opted for the silent treatment and tore up the federal government’s party invites while Black Hat attendees fought back with booing.
Thankfully, quieter, more sober heads have come to the fore since then and realised that staying healthy will require regular, ongoing and unexciting exercise.
Dull but vitally important projects like LibreSSL and the Open Crypto Audit have emerged to protect the integrity of the internet’s immune system – the strength and vitality of its cryptography – from lethargy and neglect.
Of course, work of those projects can only protect us if we make data encryption a regular part of our own daily lives.
That last part, using and demanding encryption in our daily lives, is where Reset The Net comes in.
5 June 2014 is Reset The Net, a day to take back our privacy by using strong encryption whenever and wherever we can and insisting that the organisations we rely upon do so too. The Reset The Net pledge reads:
On June 5, I will take strong steps to protect my freedom from government mass surveillance. I expect the services I use to do the same.
Reset the Net isn’t the first attempt to organise a day of taking back our privacy.
In February 2014 a grassroots collective tried to mark the first anniversary of the death of Aaron Swartz with a day of anti-surveillance activity called The Day We Fight Back.
The campaign was a well meant but futile and toothless attempt to emulate Swartz’s successful anti-SOPA campaign.
There was no Fight in the Fight Back, just posturing and protest.
I wanted The Day We Fight Back to be something I could get behind but it wasn’t.
Highly organised government surveillance will not be challenged by the most dilute form of modern technical homeopathy, changing our Twitter avatars.
Less sedentary protesters were urged to contact their congressmen but, as I mentioned earlier, changing the law in the USA will never be the answer for at least 96% of us.
I was also convinced that we should broaden our horizons and assume that countries other than the USA are tapping and spying on internet traffic.
The post-Snowden media conversation has been almost exclusively focused on what the NSA is doing (or, more correctly, what one man knew about what the NSA was doing around 2008, the era of Windows Vista).
It’s the only evidence we have, so it’s treated like the only evidence that exists but, as Carl Sagan reminded us:
Absence of evidence is not evidence of absence!
We would be fools to assume that stopping the NSA and safeguarding our privacy are the same thing.
I argued at the time that our only viable defence, the only way to really Fight Back, would be by adopting or contributing to projects that improve our use of encryption.
Fancy let’s-all-join-hands graphics aside, Reset The Net is exactly that. It’s everything that I wanted The Day We Fight Back to Be.
In a word, useful.
You can join in by looking at the Reset The Net Privacy Pack, a handy list of everyday software that uses encryption, and ways to turn on the encryption you already have.
For our part we have decided to join in with Reset The Net by offering our entire site over HTTPS.
From now on you can choose to read every page of your favourite computer security news website over an encrypted connection.