£1 Billion has already been ploughed into a monitoring system in the UK that could make every user of technology in the country a target for Big Brother.

The system, based in a building in Benhall, and reported by TechSnake in July, is being funded to intercept all email, SMS and internet traffic to the tune of £12 Billion, once running. Reported in a post on the This Is Gloucestershire website, the move has caused councillors and MPs to question the Government’s morality.

I, personally, can’t believe what is happening. In a modern society too. It is the civil right of every person to have private communications with each other without the government spying over their shoulders. This typical attitude by government agencies is of course wrapped up in the “threat of terrorism” cliché, that is starting to wear just a little too thin. Preventing terrorism is important, but not to the detriment of every other law-abiding citizen. The fishing net mentality is ridiculous - the process is already in place whereby a government agency can get a court order to track individual’s messages for potential terrorism involvement - the government doesn’t need to employ this level of privacy invasion. So what can we do about this - in the UK and globally?

Well of course you can set up an e-petition on number10.gov.uk and you can also voice your opinion to your local MP, to make sure it’s raised in the Houses of Parliament - our civil liberties shouldn’t be taken for granted. For people outside the UK, I would do some research if I were you into current government projects - you may be shocked that something similar is happening in your country. However, I think it’s probably too late for us in the UK even now to do anything about it (although I’m open for comments on this) - the government have already invested £1 Billion of our money into the scheme, so they’re unlikely to back out. All we can do is protect ourselves in the future.

So what can we do to protect our privacy? As regard to SMS messages, I think they are pretty much open to interception, there is nothing we can do to prevent the government from looking at our text messages. Of course, the most important thing is not to send anything important over SMS - passwords, bank details and any other sensitive information shouldn’t be sent over non-secure networks anyway.. And I’m sure we all make sure we’re careful, right? Most of us don’t, I know (I’ve sent passwords myself using a text message). Well maybe now we’ll start to change our attitudes a little - maybe we’ll remember when sending it, that there is potentially a middle man snooping on our private conversations.

Web traffic can be secured quite easily, although the methods at the moment mean you will see bandwidth degradation (and that’s the main reason people try it, then go back to unsecured internet access). I am of course talking about Tor & The Onion Network. If you’re unfamiliar with Tor, it is a piece of software that implements a secure network, so you can browse with anonymity - and was created with just this problem in mind. The Tor software routes your web traffic through an onion router network - a special kind of network where each router doesn’t know the original source of the request - essentially making you anonymous.. If you want to get your hands on the Tor software, which also includes a nice Firefox plugin - to switch between secure and unsecure modes, you can visit the Tor Project. The site will explain in more detail the fundamentals of Tor, and the Onion network - plus it has a lot of documentation, and details of how to volunteer for the cause.

So now we come to email. Believe it or not, it was probably easier to protect your email 5 years ago than it is now - and that’s purely because of habits people (including myself) have adopted since. For instance, a lot of people don’t use a desktop-based client anymore, which is relatively easy to integrate with encryption software. Instead, their email is held “in the cloud” either with GMail, Yahoo Mail, or any of the other web-based email services. What can you do to protect the content of sensitive emails if you’re sending by these methods? Unfortunately it’s not that straightforward.

One option you do have is GnuPG - or Gnu Privacy Guard. GnuPG is a project that implements the OpenPGP standard. If you’re unfamiliar with cryptography, I would suggest reading the very good Wikipedia pages on PGP and on Public Key Crytography. For MS Windows users, there is a version called GPG4Win - and this has integration for Outlook 2003 & MS Explorer - for encrypting files on your system. However these options require you to install the package, create a key-pair, encrypt your text by copying and pasting (if you’re using web-based email), and sending the message. This assumes that the person you’re sending to is also a user of PGP or GPG and has your public key. It would be so much nicer if encryption was already integrated straight into your webmail - unfortunately it looks like there are no plans by Google or Yahoo to do this.

Well there are people that have thought of these problems, and have gone part way to a solution. There is a program called “FireGPG” which integrates into Firefox (what do you mean you’re not using Firefox yet?) and gives you the option to encrypt or decrypt text on the fly, by right-clicking on the page and choosing what you want to do. And in Gmail it gets even better - you are presented with a row of buttons related to encrypting and signing the email next to your regular Send button. Now all you have to do is send an email to all your friends and get them to do the same - assuming it won’t be intercepted of course..

So the upshot of all this is, come to terms with the fact that everything you send over an unsecure network (the internet) is always going to be read. Accept that. And anything you don’t want to be read, other than by the recipient, encrypt by the means I’ve said. Also, text messages should never be used to send anything sensitive.

Keep posted, as I’ll be doing a tutorial on using GPG / FireGPG with Windows very soon.