{"id":8228,"date":"2018-07-18T09:00:28","date_gmt":"2018-07-18T16:00:28","guid":{"rendered":"https:\/\/www.privateinternetaccess.com\/blog\/?p=8228"},"modified":"2021-10-25T13:28:48","modified_gmt":"2021-10-25T20:28:48","slug":"opsec-staying-private-under-surveillance","status":"publish","type":"post","link":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/","title":{"rendered":"OpSec – Staying Private Under Surveillance"},"content":{"rendered":"\n

One of the biggest mistakes that people make while trying to operate\u00a0 privately on the internet is giving up their information over side-channels. That is, they break operational security through a misunderstanding of technology or by simply outing themselves behaviorally.<\/p>\n\n\n\n

This article is intended to give you a list of tips on how to keep yourself private in a world of internet surveillance. It is broken up into two parts, technical security and operational security (OpSec). Technical security is avoiding outing yourself through technology issues. OpSec is outing yourself by making operational mistakes.<\/p>\n\n\n\n

Disclaimer: This is not a complete or exhaustive list, but a set of general guidelines on how to protect yourself from identification.<\/i><\/b><\/p>\n\n\n\n

Part 1a: Technical Security \u2013 Networking<\/h2>\n\n\n\n

There are multiple types of surveillance that take place, depending on your region of the world and your threat model. It is important to understand what is collected, and how to engage each of these methods of surveillance in order to protect yourself.<\/p>\n\n\n\n

Internet Service Provider (ISP) and\/or mass surveillance at Internet Exchanges (IX\u2019s) \u2013 This is full-take data capture that takes place directly at your ISP, or at a point nearby. This is typically targeted full-take surveillance that is targeted at a person of interest. Political dissidents, the press, attorneys, diplomats, and many others are subject to this sort of targeted surveillance around the world. This means that the oppressor is collecting everything that they can from your traffic. This means that for websites that are not encrypted, or websites that are using mixed content (secure and insecure), the oppressor can see when you\u2019re online, what websites you visit, how long you spent at the site, and any content that is not secure (ALL content loaded over regular http).<\/p>\n\n\n\n

If you are a targeted person of interest, all encrypted traffic may also be stored away to break into using current technology, or stored away until future technology can break the encryption.<\/p>\n\n\n\n

Countermeasures for Targeted and Mass Network Surveillance<\/b><\/p>\n\n\n\n

Use a Trusted VPN<\/a> + Tor<\/a> \u2013 This adds multiple layers of encryption and multi-hop networking which significantly complicates mass-surveillance. A good VPN also changes your DNS to prevent simple collection of your web requests, AND if you\u2019re visiting https websites, it is nesting 3 types of encryption in a single tunnel, which adds a significant challenge to an adversary that is trying to crack your traffic logs. You\u2019ve layered the VPN, Tor, and HTTPS encryption through the ISP and the nearest IX, and collection can then only take place somewhere between the VPN exit and the Tor network, or the Tor network exit and the HTTPS server. Either way, it presents significant sophisticated barriers to logging that are unlikely to be bypassed in any reasonable time. Your DNS requests are also behind at least two layers of encryption (VPN + Tor) and this can also be increased to three if DNSSEC or DNS-Over-TLS are enabled.<\/p>\n\n\n\n

Prevent DNS Leaks \u2013 This is a crucial step, because the mechanism that gives you security over a VPN or Tor is that your traffic is hidden among hundreds of other users that look identical to you. If your VPN client is using a DNS server that isn\u2019t uniquely mixing your traffic, as in, if your DNS requests are still going to your ISP\u2019s DNS instead, tying your traffic to your activity and times online becomes trivial. Here\u2019s PIA\u2019s tool for checking for DNS Leaks<\/a>.<\/p>\n\n\n\n

Prevent IPv6 Leaks \u2013 There are technical issues with addressing both IPv6 connection and IPv4 connections at the same time. The easiest countermeasure for this is to disable IPv6 entirely to prevent IPv6 requests from being responded to. Many good VPNs have leak protection built into their clients. Here\u2019s PIA\u2019s tool for checking for IPv6 Leaks<\/a>.<\/p>\n\n\n\n

Part 1b: Technical Security \u2013 Browsing<\/h2>\n\n\n\n

Use a hardened browser \u2013 Do not trust any browser\u2019s default settings to protect you from being outed, especially the big 4 (Chrome, Firefox, Edge, Safari). Private Browsing and Incognito mode do not protect you from surveillance at all. The Tor browser<\/a> has significant hardening against common types of technical profiling, doing a good job of hardening your browser against the most common types of features that will out you. This is a constantly changing landscape and staying on top of this aspect is crucial for maintaining your privacy.<\/p>\n\n\n\n

Keep watching this blog space for posts with specific browser hardening guides.<\/p>\n\n\n\n

Part 1c: Understanding Metadata<\/h2>\n\n\n\n

It is also important to understand that even while on a VPN and\/or Tor, there\u2019s still some information about you that leaves a digital shadow. Your ISP will see how much bandwidth you are using, they will see when you are on and offline, and when you\u2019re moving around significant amounts of data. These can be used to build a profile on you.<\/p>\n\n\n\n

Part 1d: Special Notes About Mobile Devices<\/h2>\n\n\n\n

Mobile devices have exceptional concerns, as app permissions are lax and you have additional concerns with mobile, wifi, and location data. There\u2019s also security concerns with applications having access to various critical components, and phone vendors having a lackadaisical attitude toward serious security updates. Be extremely careful with mobile devices and strip all unnecessary apps to minimize your attack surface.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Part 1e: Special Notes About Operating Systems<\/h2>\n\n\n\n

Note that all operating systems present challenges to your privacy. Some more than others. iOS and Android have significant problems with app permissions issues, metadata collection, multiple network interfaces, GPS, sleep\/wake problems, and VPN clients generally have to \u201cfight\u201d with a poor design environment that leads to more issues. Windows has extensive Telemetry built-in that requires a lot of work to minimize. Some of it cannot be completely disabled and Microsoft doesn\u2019t fully disclose what processes collect what types of data. OSX has less access to open-source projects as Windows and Linux get the lion\u2019s share of development resources in the open-source world. Linux has hundreds of distributions and the varying environments all have their own issues with vary degrees of severity.<\/p>\n\n\n\n

Part 2a \u2013 Operational Security \u2013 Logins<\/h2>\n\n\n\n

The primary concern with logins to any sites or services is correlation of data. If you are managing an online alias or just trying to keep your head down, you cannot routinely log into any sites or services. An adversary can associate your online times, the services you access, and correlate it with other activity. Over time, a large enough pattern of this will build up enough correlation to identify you.<\/p>\n\n\n\n

Part 2b \u2013 Operational Security \u2013 Images and Media<\/h2>\n\n\n\n

The primary concern here is metadata. Using the wrong type of image (JPG) can contain significant amounts of EXIF data that can include dates and GPS location data. PNG files generally do not contain metadata. Make sure that any media that you use has all metadata stripped before uploading it anywhere. Always.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Part 2d \u2013 Operational Security \u2013 Do Not Talk About Yourself<\/h2>\n\n\n\n

This is just more information to profile who you are. Do not talk about any details about yourself. Don\u2019t talk about your height, weight, gender, hair color, tattoos, sexual preferences, scars, piercings, medical conditions, or allergies. You get the idea. Zero. Personal. Information.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Part 2e \u2013 Operational Security \u2013 Speech and Dialect<\/h2>\n\n\n\n

Keep your writing as region-free as possible. Do not use special characters that are unique to your language. Do not use words and phrases that are unique to your region of the world. The more localized your speech is to a specific region, the more you narrow your privacy.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

These tips should help you stay private on the web. Stay safe!<\/p>\n","protected":false},"excerpt":{"rendered":"

One of the biggest mistakes that people make while trying to operate\u00a0 privately on the internet is giving up their information over side-channels. That is, they break operational security through a misunderstanding of technology or by simply outing themselves behaviorally. This article is intended to give you a list of tips on how to keep … Continue reading “OpSec – Staying Private Under Surveillance”<\/span><\/a><\/p>\n","protected":false},"author":32,"featured_media":8229,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_stopmodifiedupdate":true,"_modified_date":"","footnotes":""},"categories":[12,1,1941],"tags":[93,132],"class_list":["post-8228","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-news","category-surveillance","tag-internet-security","tag-tor"],"yoast_head":"\nOpSec - Staying Private Under Surveillance<\/title>\n<meta name=\"description\" content=\"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpSec - Staying Private Under Surveillance\" \/>\n<meta property=\"og:description\" content=\"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\" \/>\n<meta property=\"og:site_name\" content=\"PIA\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/privateinternetaccess\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-07-18T16:00:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-25T20:28:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Derek Zimmer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@http:\/\/www.twitter.com\/ostifofficial\" \/>\n<meta name=\"twitter:site\" content=\"@buyvpnservice\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Derek Zimmer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\"},\"author\":{\"name\":\"Derek Zimmer\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/e9f24badc1559621e721d94ecb18d6e1\"},\"headline\":\"OpSec – Staying Private Under Surveillance\",\"datePublished\":\"2018-07-18T16:00:28+00:00\",\"dateModified\":\"2021-10-25T20:28:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\"},\"wordCount\":1353,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png\",\"keywords\":[\"Internet Security\",\"tor\"],\"articleSection\":[\"Cybersecurity\",\"General Privacy News\",\"Surveillance\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\",\"name\":\"OpSec - Staying Private Under Surveillance\",\"isPartOf\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png\",\"datePublished\":\"2018-07-18T16:00:28+00:00\",\"dateModified\":\"2021-10-25T20:28:48+00:00\",\"description\":\"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png\",\"contentUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png\",\"width\":1600,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.privateinternetaccess.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpSec – Staying Private Under Surveillance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#website\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"name\":\"PIA\",\"description\":\"Online privacy news from around the world.\",\"publisher\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#organization\",\"name\":\"Private Internet Access\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"contentUrl\":\"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png\",\"width\":1200,\"height\":1200,\"caption\":\"Private Internet Access\"},\"image\":{\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/privateinternetaccess\/\",\"https:\/\/x.com\/buyvpnservice\",\"https:\/\/www.instagram.com\/piavpn\/\",\"https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/e9f24badc1559621e721d94ecb18d6e1\",\"name\":\"Derek Zimmer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/399c45f76a929cfe8ed46349f8166d975f7fa088108970562cf67fa46ab0176d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/399c45f76a929cfe8ed46349f8166d975f7fa088108970562cf67fa46ab0176d?s=96&d=mm&r=g\",\"caption\":\"Derek Zimmer\"},\"description\":\"Derek is a cryptographer, security expert and privacy activist. He has twelve years of security experience and six years of experience designing and implementing privacy systems. He founded the Open Source Technology Improvement Fund (OSTIF) which focuses on creating and improving open-source security solutions through auditing, bug bounties, and resource gathering and management.\",\"sameAs\":[\"https:\/\/ostif.org\/\",\"https:\/\/www.linkedin.com\/in\/derek-zimmer-2164a441\/\",\"https:\/\/x.com\/http:\/\/www.twitter.com\/ostifofficial\"],\"url\":\"https:\/\/www.privateinternetaccess.com\/blog\/author\/derek-zimmer\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"OpSec - Staying Private Under Surveillance","description":"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/","og_locale":"en_US","og_type":"article","og_title":"OpSec - Staying Private Under Surveillance","og_description":"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.","og_url":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/","og_site_name":"PIA","article_publisher":"https:\/\/www.facebook.com\/privateinternetaccess\/","article_published_time":"2018-07-18T16:00:28+00:00","article_modified_time":"2021-10-25T20:28:48+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png","type":"image\/png"}],"author":"Derek Zimmer","twitter_card":"summary_large_image","twitter_creator":"@http:\/\/www.twitter.com\/ostifofficial","twitter_site":"@buyvpnservice","twitter_misc":{"Written by":"Derek Zimmer","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#article","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/"},"author":{"name":"Derek Zimmer","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/e9f24badc1559621e721d94ecb18d6e1"},"headline":"OpSec – Staying Private Under Surveillance","datePublished":"2018-07-18T16:00:28+00:00","dateModified":"2021-10-25T20:28:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/"},"wordCount":1353,"commentCount":0,"publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png","keywords":["Internet Security","tor"],"articleSection":["Cybersecurity","General Privacy News","Surveillance"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/","name":"OpSec - Staying Private Under Surveillance","isPartOf":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage"},"thumbnailUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png","datePublished":"2018-07-18T16:00:28+00:00","dateModified":"2021-10-25T20:28:48+00:00","description":"One of the biggest mistakes that people make while trying to operate  privately on the internet is giving up their information over side-channels.","breadcrumb":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#primaryimage","url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png","contentUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/Opsec-Robot-Optimized.png","width":1600,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/www.privateinternetaccess.com\/blog\/opsec-staying-private-under-surveillance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.privateinternetaccess.com\/blog\/"},{"@type":"ListItem","position":2,"name":"OpSec – Staying Private Under Surveillance"}]},{"@type":"WebSite","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#website","url":"https:\/\/www.privateinternetaccess.com\/blog\/","name":"PIA","description":"Online privacy news from around the world.","publisher":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.privateinternetaccess.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#organization","name":"Private Internet Access","url":"https:\/\/www.privateinternetaccess.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","contentUrl":"https:\/\/www.privateinternetaccess.com\/blog\/wp-content\/uploads\/2018\/07\/pialogowhitekglogo.png","width":1200,"height":1200,"caption":"Private Internet Access"},"image":{"@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/privateinternetaccess\/","https:\/\/x.com\/buyvpnservice","https:\/\/www.instagram.com\/piavpn\/","https:\/\/www.youtube.com\/channel\/UClyJZ47Rizb1xnwuKXDI0_w"]},{"@type":"Person","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/e9f24badc1559621e721d94ecb18d6e1","name":"Derek Zimmer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.privateinternetaccess.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/399c45f76a929cfe8ed46349f8166d975f7fa088108970562cf67fa46ab0176d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/399c45f76a929cfe8ed46349f8166d975f7fa088108970562cf67fa46ab0176d?s=96&d=mm&r=g","caption":"Derek Zimmer"},"description":"Derek is a cryptographer, security expert and privacy activist. He has twelve years of security experience and six years of experience designing and implementing privacy systems. He founded the Open Source Technology Improvement Fund (OSTIF) which focuses on creating and improving open-source security solutions through auditing, bug bounties, and resource gathering and management.","sameAs":["https:\/\/ostif.org\/","https:\/\/www.linkedin.com\/in\/derek-zimmer-2164a441\/","https:\/\/x.com\/http:\/\/www.twitter.com\/ostifofficial"],"url":"https:\/\/www.privateinternetaccess.com\/blog\/author\/derek-zimmer\/"}]}},"_links":{"self":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/8228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/comments?post=8228"}],"version-history":[{"count":9,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/8228\/revisions"}],"predecessor-version":[{"id":29903,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/posts\/8228\/revisions\/29903"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/media\/8229"}],"wp:attachment":[{"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/media?parent=8228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/categories?post=8228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.privateinternetaccess.com\/blog\/wp-json\/wp\/v2\/tags?post=8228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}