Want to Evade NSA Spying ? Don’t Connect to the Internet | Wired Opinion

Want to Evade NSA Spying? Don’t Connect to the Internet | Wired Opinion | Wired.com
►http://www.wired.com/opinion/2013/10/149481

When you set up your computer, connect it to the internet as little as possible. It’s impossible to completely avoid connecting the computer to the internet, but try to configure it all at once and as anonymously as possible. I purchased my computer off-the-shelf in a big box store, then went to a friend’s network and downloaded everything I needed in a single session. (The ultra-paranoid way to do this is to buy two identical computers, configure one using the above method, upload the results to a cloud-based anti-virus checker, and transfer the results of that to the air gap machine using a one-way process.)

Want to Evade NSA Spying? Don’t Connect to the Internet | Wired Opinion | Wired.com
►http://www.wired.com/opinion/2013/10/149481

Air gaps might be conceptually simple, but they’re hard to maintain in practice. The truth is that nobody wants a computer that never receives files from the internet and never sends files out into the internet. What they want is a computer that’s not directly connected to the internet, albeit with some secure way of moving files on and off.

But every time a file moves back or forth, there’s the potential for attack.

And air gaps have been breached. Stuxnet was a U.S. and Israeli military-grade piece of malware that attacked the Natanz nuclear plant in Iran. It successfully jumped the air gap and penetrated the Natanz network. Another piece of malware named agent.btz, probably Chinese in origin, successfully jumped the air gap protecting U.S. military networks.

These attacks work by exploiting security vulnerabilities in the removable media used to transfer files on and off the air gapped computers.