Podcrash 16: Computer Privacy On and Offline Why and How
Privacy is important for both activist and non-activist alike. In this Podcrash we discuss some of he tools of he trade to protect our privacy on your computer and online.
E-Mail Encryption: http://www.instructables.com/id/Encrypt-your-Gmail-Email/
The Onion Router: http://www.instructables.com/id/Go-Online-without-Getting-Snooped-Tor-The-Onion-/
KeePassX: http://www.keepassx.org/
TrueCrypt: http://www.truecrypt.org/
Pidgin: ttp://pidgin.im/
OTR Plugin for Pidgin: http://www.cypherpunks.ca/otr/
Adium: http://www.adiumx.com/
Incognito: http://anonymityanywhere.com/incognito/
Hi XaqFixx and other Crashers,
This episode and the one prior were nice introductions to the idea of using encryption and computer security concepts to protect yourself against oppressive regimes. The interview with Cory Doctorow provided the impetus for me to go download and read his book.
I am an internet entrepreneur, and my business requires that I be in the know about computer security. I regularly use encryption out of principal, obfuscating my connections using Tor and using OTR when chatting. Encryption is also important to me for business reasons. Tor is really interesting, but it can give a false sense of security if not used properly. It is worth mentioning that software like Tor could have backdoors that spy on you while claiming to protect your privacy. Most people agree that Tor does not do this, and they can prove it by analyzing the source code and showing that building the source code provides the exact same application as the one distributed by the Tor Project. This is a key benefit of open-source software. I recommend that people who care about their privacy do not trust software that they cannot examine or have examined. Practically, this means limiting yourself to open source software, such as the software you have recommended in this podcrash. Doctorow’s book explains this with respect to encryption algorithms being more secure if they do not depend on being secret.
I highly recommend digging into theTor Wiki and other documentation from the Tor Project, especially if you plan to use Tor in a situtation where your life, limb, or liberty may depend on your anonymity, e.g. dissidents in especially oppressive regimes. Also, you may want to look into Tor Hidden Services. When you access a web site over Tor, the last Tor Relay, the “exit node” can view your traffic if it is not encrypted (if you are not using ssl aka https). When you connect to a Tor hidden service, that service is itself a Tor node, and you get end to end encryption. The Tor Wiki covers how to set up and use hidden services.
Always remember that your anonymity requires that you not unintentionally reveal information that can be linked to your real identity.
not-even-remotely-anonymous-to-bureaucrash,
Saul
p.s. here are the links from above post in clickable form