Outsmarting Big Brother

Building Your Own Digital Defense System

Jan 12, 2025

Note: this is part 7 of a series on how to go further by integrating asymmetrical defenses against overeager states.
Here are the 6 articles in the series:
Building Digital Fortresses Against Government Overreach
Reduce Your Taxes and Be Freer: Unleash the Power of the 7 Flags
How to Implement The 7 Flags
Do You Need a 2nd Passport to Stay Free?
The Quickest Ways to Get a Second Passport
The Ghost Protocol - Making Without a Single Government Tie

We've talked about it at length throughout this Substack: encryption is a major asymmetric defense to use: absolutely trivial to use for an individual, and impossible for a nation-state to counter directly, when properly employed.

Many people today take access to such important protection for granted, but encryption is the fruit of a long struggle by an informal group of activists, cryptographers, programmers and other technology enthusiasts in the 80s and 90s.

They firmly believed in the need for strong cryptography to prevent computer technologies from giving states an asymmetric advantage over their populations, so much so that they facilitate the surveillance of everyone by default.

Disruptive Horizons

The Temptation of Generalized Surveillance

Note : After the 14-part series in which we looked at how nation-states are being disrupted by the Internet and globalization, and a 4-part series on why now is the worst time for them, I have concluded that there are two main ways for governments to respond to these disruptions…

a year ago · 7 likes · 4 comments · Olivier Roland

They mainly fought against forms of encryption that had been deliberately designed to be breakable by governments, and which would therefore have enabled mass surveillance.

Cypherpunks: Fighting for privacy in the face of mass surveillance.

The Clipper chip & the encryption war

An emblematic example of this struggle was the "Clipper chip" proposed by the US government in the 1990s. This was an encryption device with a backdoor that would have given the government access to encrypted communications. This group of activists, known as cypherpunks, vigorously opposed the project and helped alert the public to the dangers it posed to users' privacy.

What's more, at that time, the export of strong cryptography technologies was regulated in the United States, which effectively prevented non-American users from protecting themselves against surveillance.

Cypherpunks resisted these restrictions by publishing cryptographic software on the Internet1 , which helped make the technology widely available.

They also pointed out the absurdity of banning the dissemination of code, showing that a computer language is indistinguishable from a "normal" language and is therefore protected by the First Amendment to the US Constitution.

How? By printing the code of PGP, the first software capable of protecting emails with government-unbreakable encryption, in a book: the law prohibited the export of PGP's source code, since it was considered a "weapon", but the First Amendment prevented any censorship of a published work. The Constitution takes precedence over any law.

The source code of an unbreakable encryption algorithm on t-shirts by Adam Back cypherspace

They performed a similar demonstration by printing the source code of an unbreakable encryption algorithm on t-shirts, with the words "Warning, this t-shirt is classified as ammunition and may not be exported from the United States or shown to any foreign national2 ".

Ultimately, their efforts contributed to the abandonment of the Clipper chip and the easing of export restrictions on strong cryptography.

Cypherpunks' fight : Defending encryption as a First Amendment right.

Without their fight, not only would the Internet be far less secure today, but cryptocurrencies could never have existed.

So let's pay tribute to them, not only by showing our respect, but also by making intelligent use of this precious gift they have bequeathed us, and which many governments, no doubt, will try to thwart in the years and decades to come.

What's more, as I've tried to demonstrate throughout these articles, the temptation of total digital surveillance is so strong within today's governments, including democratic ones, that every enlightened citizen owes it to themselves to stop being illiterate when it comes to computer security, and to educate themselves a minimum on the subject to protect themselves in the most effective asymmetrical way.

And if you're thinking, "Great! That's good, because all the services I use are encrypted", I've got some bad news: they're probably not end-to-end encrypted, and if you don't use this type of encryption, you don't have an asymmetrical defense against most states.

Normal" encryption and end-to-end encryption

First of all, the basics: encryption secures information by transforming it into a format that can only be read by people (or systems) who have the appropriate key to decrypt it.

There are many types of encryption, but to keep things simple, I'm going to focus on two models: "normal" encryption (also known as in-transit encryption) and end-to-end encryption.

In-transit encryption (or "normal" encryption)

When you send information over the Internet, such as an e-mail or a message in an application, this information is often encrypted as it travels between your device and the service provider's server.

This means that if someone intercepts the information in transit, they won't be able to read it, which is very useful, as there are bound to be relays between your connection point and the server you're connecting to: each of these relays could eavesdrop on your communications if they weren't encrypted, including people or systems connected to the same local network as you (which would be very insecure in a large corporate network, or a public place such as a hotel, airport, etc.).

What's more, data transits over cables and/or wireless connections that can be, and are, intercepted by the intelligence services of different countries, as we saw in “The Temptation of Generalized Surveillance”.

However, once the information reaches the service provider's server, it is decrypted, processed and then re-encrypted before being sent to the recipient. This means that the service provider has the ability to see and access the information you send.

This creates two major problems:

If the server you're connecting to is hacked or malicious, it can access all the data you send.
Government agencies can obtain this data from the company or individual that owns the server.

End-to-end encryption

End-to-end encryption goes a step further: not only is the information encrypted in transit, it's also encrypted on the server - the server owner can't access your data, because it remains encrypted even on his servers.

So even if the server is hacked or a government agency requests access to the data, your information will remain inaccessible.

And concretely, why should it matter?

Did you know that certain employees in these departments have access to ALL your documents?

What about access to ALL of your documents ?

Google Drive, Apple iCloud, Dropbox, Microsoft OneDrive
Gmail, Yahoo Mail, etc.
Google Docs, Office 3653 , Evernote, Notion
Slack, Trello, Microsoft Teams (with default settings)
Adobe Creative Cloud
Zoom (with default settings), Skype

And that in the event of a serious hack of these services, everything you've put into these applications will be accessible to hackers?

The same applies if a dishonest employee steals data, or if a government agency asks the company for access to your documents.

These companies may even decide to change their terms of use to allow their employees or systems free access to your data, or delete data they deem to be in breach of their terms of use.

That's what Evernote did at the end of 2016, for example: change its privacy policy to explicitly allow its staff to use your notes for internal purposes.

This caused a scandal: many users complained on social media, which led Evernote to retract4 . Fine, but from my point of view, they shouldn't even have had this option in the first place.

Similarly, it's well known that you're not free to write whatever you want on Google Docs: the company scans your documents for forbidden words, and doesn't hesitate to replace them with asterisks5 , or even block access to entire documents6 , including on Google Drive7 , if the algorithms deem that what you've written is not compatible with their terms of use.

This is possible because each of these services uses standard encryption by default: they therefore have the power to see all your data, and where there's power, there's a strong temptation to use it. The power of the ring always ends up devouring its owner.

What's more, the growing number of reports of services being hacked should make you aware of the importance of using truly secure services (with end-to-end encryption) rather than services that are "merely" encrypted (but whose data is accessible by the company providing the service), unless you want to see your documents and personal data freely accessible on the Web forever.

Coming soon

In the next article, I’ll share with you the end-to-end encrypted tools that I recommend.

Stay tuned ! In the meantime, feel free to follow Disruptive Horizons on X/Twitter & Linkedin, and join the tribe of Intelligent Rebels by subscribing to the newsletter :