Private function

Aug 25, 1999 at 12:00 am

Is it possible for the private and anonymous self to survive online? Or are we submerged in the world’s largest digital fishbowl, flopping around like guppies in a shark tank at the zoo?

In last week’s Rolling Stone, William Greider’s exposé on cyberprivacy quoted Sun Microsystems CEO Scott McNealy as saying, "You already have zero privacy – get over it." But this comment is both arrogant and only partially correct. You don’t have much privacy — unless you do something about it.

Take e-mail. Although standard Net mail protocol is about as private as a picture postcard, there are reliable ways of protecting your online correspondence. Next time, consider one of the following privacy measures:

Remail it: The most popular mechanism for sending e-mail anonymously is a remailer, an automated service that privatizes your e-mail by filtering it through one or more anonymous servers. These computers strip off your e-mail address and any other identifying data.

Over the past few years, political dissidents and other underground types have used remailers to avoid government detection. More recently, privacy-aware netizens have begun abandoning their ISP’s standard e-mail service in favor of the greatly increased security of remailers.

Although hundreds of remail servers exist (check out Electronic Frontiers Georgia's list), the easiest remailing experience is the new breed of Web-based remailers. Unlike early remail servers, you don’t need to reconfigure your browser’s mail options. Instead, you simply visit a Web page that automates the entire process. My current fave Web remailer is a free site called ZipLip; it’s the perfect on-ramp to the world of e-mail privacy.

ZipLip is a snap to use. Just type in your message and the address of the person you want to reach, and click "send." You can even choose whether to include your own return e-mail address. ZipLip’s posted privacy policy promises they keep no record of your presence, and they permanently delete all messages 24 hours after they’re read.

Of course, rumors abound on the Web that so-and-so’s remailer is actually a front run by the CIA (or worse, the National Security Agency). And using a remailer only ensures anonymity, not privacy. Your message may still get broadcast in a readable form, and could theoretically be intercepted in transit. If you’re really serious about keeping your e-mail private, you might want to try stronger measures …

Encrypt it: To make sure their e-mails are readable only by the intended recipients, the Web’s cryptographic elite (often called cypherpunks) encode first and send later. It’s tricky, but you can do it too.

The most popular software for e-mail encryption is called Pretty Good Privacy (or PGP). Its privacy algorithm is so strong that the U.S. government — fearing cyber-terrorism — has outlawed its export. But if you’re a United States or Canadian citizen, PGP is a free public download, courtesy of the generous academic types at MIT.

PGP installs on your computer automatically, but everyday use is a little less straightforward. In order to communicate with someone else, they must also have PGP loaded on their computer. Next, you must exchange "keys," a tiny file that PGP creates uniquely for each user. Having a person’s key does not allow you to read their mail; it just lets you encrypt messages to them. Once encrypted, only they can unscramble the message (using their copy of PGP). It’s not elegant, but it works. So far, no one on has been able to crack PGP’s code.

Wait it out: If these methods seem too technical, you might try waiting for a more user-friendly approach. Online privacy may soon become big business. A survey released last week by research giant NFO Interactive found that nearly 70 percent of Web users who haven’t made an Internet purchase would if they felt their privacy was truly protected. So, several companies have already announced "consumer-oriented" privacy solutions. While many of these products may turn out to be more PR than privacy, an upcoming product called Freedom has even the cypherpunks buzzing. Created by Montreal, Canada-based Zero Knowledge Software, Freedom runs with your Web software to ensure complete privacy in a totally transparent manner. There are no "key" files to manually exchange, and recipients of your e-mail don’t need to also own the Freedom software. Reportedly, Freedom will feature 4096-bit encryption, and a recent article on Freedom in Shift magazine notes, "There isn’t enough computing power on Earth to break (it)."

Freedom won’t appear until later this year, but you can sign up for your very own beta copy.

Stay on top: Online privacy techniques change faster than Internet stock quotes. If you care about your privacy, check out the alt.privacy.anon-server and newsgroups on Usenet (or use to easily surf these areas from the Web). You’ll find posts listing the latest and greatest remailers, plus heated debates about which privacy approach works best.

You’ll also find hundreds of anonymous test messages that ask: "Can anyone reading this tell who I really am?" There’s no way to know for sure, but one of them might even be from me.