SALT LAKE CITY — As new reports shed more light on the National Security Agency's surveillance capabilities, experts say absent going back to the world of the 1980s, there are only some steps Americans can take to become less conspicuous to the government.
"If you want 100 percent security, you've got to get off the internet entirely, in my opinion," said Pete Ashdown, founder of Salt Lake City-based internet service provider XMission.
It's something echoed by Trent Leavitt, former FBI contractor and co-founder of Orem-based Decipher Forensics, who says people would have to go back to 1980s-style living to stay "off the grid."
"You're not banking online, you're not shopping online," Leavitt said. "You go back to literally 1986 where you looked in catalogs for things, you went to the store before you bought something - that's how you get totally ‘off the grid.'"
"You make all of your deposits at the bank, you don't shop with a credit card, you pay if you go to (a large retailer) in cash, because even (large retailers), when you're paying with a credit or debit card, they track everything. They use that to market to you in that specific geographic area where you live," he said.
According to the latest report revealing NSA capabilities, the federal government can even access data and applications on smart phones.
It's unclear when, if ever, the pattern may reverse itself. Another recent report showed the Obama administration in 2011 was successful in getting restrictions on the NSA's use of phone calls and emails reversed.
Absent of going back to the days when "Top Gun" and "Ferris Bueller's Day Off" were hit movies, Ashdown and Leavitt said certain forms of strong encryption should be sufficient for most people in minimizing their risk of being spied upon.
Leavitt said I2P and the Tor Project are options to remain anonymous while communicating online, though he acknowledged even those services have flaws. A recent report revealed the Tor Project benefited from significant government funding.
"Everything has a flaw when it comes to technology, and if it doesn't have a flaw, somebody will eventually find a flaw in it," Leavitt said.
In the case of "onion routing" like what the Tor Project offers, Leavitt said information travels from node to node and may well end up in an unencrypted area.
"Wherever that node stops and it goes off of it, that person could be collecting the information when it comes off of a node," Leavitt said. "You don't know who's controlling that node, it could be the NSA, it could be the kid down the street. You just don't know."
Leavitt said if the budget is big enough and the supercomputers are advanced enough -- as with a government -- most encryption programs can be broken eventually.
In his own experience at his computer forensics business, Leavitt said some encryptions are breakable in 30 to 40 seconds, others three weeks, and yet others could take decades.
"A lot depends on the length of the encryption keys," Leavitt said. "There's a lot more that goes into it than just saying it's going to be a time matter. The machine we use can break passwords and break encryption keys around 4 billion passwords or keys per second, which sounds like a fantastic thing. But when you look at the number of possibilities out there, you could still be running it for several years when you're trying to break certain encryption keys."
"I think it's a good thing. I think you can't find the bad guys unless you know who they are," Paul Smith said.
Others raised concerns, even though they didn't believe they were currently being targeted.
"I don't think it's honest," Holly Brain said. "They could see what I was buying, they could see what I was spending, they could see who I was talking to. I don't think it's necessary."
What do you think? Leave your opinion on the comment board.
Another challenge for those looking for effective encryption is to find a program that does not give the government "back door" access. Ashdown recommended looking for encryption tools that use a software source that can be inspected.
"I would tend to trust those more than something that is closed-source and not able to be inspected," Ashdown said.
Ashdown also recommended programs GNUPG and SSH, which claim to encrypt all traffic, including passwords.
Less technical options to minimize visibility include caution in signing up for online promotions or doing online shopping.
Children, Ashdown said, shouldn't have access to credit cards to set up their own venues for online shopping. Leavitt recommended avoiding the use of free, web-based emails.
Short of taking any of those actions, Ashdown said those who are concerned with the government's capabilities should complain to lawmakers.
"These people believe they're above the law and we need to fight back against that," Ashdown said of the government officials involved with the surveillance programs.
The government has maintained there are legitimate uses and needs for the surveillance and data mining programs, including that it has helped to thwart 50 terror plots.