Credit: flickr/ricky montalvo
I'm still in shock over the Ashley Madison hack, which exposed more than 37 million users. No, my name and email address are not on the list. No, I'm not morally outraged over the number of people who were either lying to a significant other or hoping to have a liaison with someone lying to a significant other.
However, I can't believe 37 million people thought there was such a thing as real, long-lasting privacy on the Internet. Who are these people?
Do they simply ignore the constant stream of stories about hacked websites, hacked businesses, and stolen personal information? Or did they believe that Ashley Madison's crackerjack security team had magically accomplished what no one else has ever done: Keep hackers out?
Haven't they heard about everyone's naked photos ending up everywhere? Have they never been notified that their credit card was compromised? How deep does your head have to be in the sand to think that anything you do anything online, much less cheating, will remain private? Oh well -- millions of people still fall for Nigerian email scams or install anything the Internet tells them to install.
But this latest incident got me thinking: Could it be possible to establish true, lasting privacy on the Internet? Here's my best guess at what it would take to remain anonymous over the long term, without your online identity outing your real identity.
1. Find a safe country
First, you would have to be physically located in a country that doesn't try its hardest to spy on you. That's a tall order. Almost any country with any type of cyber awareness and talent is spying on its citizens "for their own protection." Your best option is to find a country with good Internet connectivity that doesn't have enough resources to monitor everything its citizens are doing.
2. Get an anonymizing operating system
Next, you'll need an anonymizing operating system that runs on a resettable virtual machine running on secure portable media. The portable media device should use hardware-based encryption or a secure software-based encryption program. One of the top products on that list is Ironkey Workspace. It offers good encryption, locks out users who enter too many bad passwords, and comes with Microsoft's portable OS, Windows to Go, on several USB key models.
Many privacy advocates prefer a Linux Live distro, such as Tails or ZeusGuard. Live OSes are designed to be booted from removable media for each session, and Tails is one of the best, built for and focused on privacy and security. The NSA has stated in an internal, leaked presentation that Tails and Live OSes like it are a threat to its eavesdropping mission. That's a ringing endorsement.
Sign up for CIO Asia eNewsletters.