| I started using TextSecure with my closest friends, but not after the documentary, after the first Snowden revelations. I'm also very cautious about using non-HTTPS sites these days, or using sites with broken HTTPS. I sent my bank an email about their poor HTTPS configuration as well. I also intend to use EFF's CA for all my future sites, regardless of what type of site it is and whether it actually "needs" HTTPS or not. I'm much more careful about what I share through Gmail/Hangouts. I use 2FA for Gmail now, but I know it's useless against the NSA, because Google defaults to SMS-based 2FA (and the wireless networks are completely owned by the NSA), regardless of whether you chose SMS or Authenticator 2FA. It's mainly to protect against other "regular" hackers. I plan to start using FIDO-ready hardware tokens this year, and I won't change my phone until the new ones have strong support for local fingerprint recognition/FIDO. I try to use as few Microsoft services as possible: http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-c.... I haven't managed to move off Windows yet, but I might in a few years time. What most people don't realize is that Microsoft gives NSA "back doors" on a daily basis. It's all the zero-day vulnerabilities they share with them months before Microsoft gets around to fixing them. That's time in which the NSA can exploit those vulnerabilities. And now, unfortunately, Apple is going to do the same (technicaly giving them to the DHS...but I think we all know those are going to the NSA, too). http://bloomberg.com/news/2013-06-14/u-s-agencies-said-to-sw... |
It's hard to totally avoid Microsoft/Google etc absolutely, but by not buying into them completely at least it's security through obscurity.