Godlike Productions - Discussion Forum
Privacy, Security, and Crypto in light of the Surveillance State

 
archaisch

User ID: 23450448
Panama
10/11/2013 10:19 PM
In light of the current situation of the complete surveillance grid and storage of personally identifiable information, it is important to collect a list of resources, tools, and strategies to improve privacy and mitigate (or at least slow down) the ability for corporations and/or governments to collect such data.

Nothing can be considered 100% secure or trusted.

I will continually update this initial post with information relating to the following privacy conscious technology and software:
[link to gist.github.com (secure)]

Operating Systems:
Hardened Gentoo [link to wiki.gentoo.org (secure)]
Tails Live OS [link to tails.boum.org (secure)]
Liberté Linux (Last Update Sep. 1, 2012) [link to dee.su]
Tin Hat Linux [link to opensource.dyc.edu]
JonDo Live-CD [link to anonymous-proxy-servers.net (secure)]

Web Browsers and Plugins/Addons:
Mozilla Firefox [link to www.mozilla.org (secure)]
HTTPS Everywhere [link to www.eff.org (secure)]
NoScript [link to noscript.net]
BetterPrivacy [link to addons.mozilla.org (secure)]
RequestPolicy [link to addons.mozilla.org (secure)]

Search Engines:
Duck Duck Go [link to duckduckgo.com (secure)]
Startpage [link to www.startpage.com (secure)]

Encryption and Cryptography:
GNU Privacy Guard [link to www.gnupg.org (secure)]
EncFS [link to www.arg0.net]
TrueCrypt [link to www.truecrypt.org]

Email Providers and Software:
Mozilla Thunderbird [link to www.mozilla.org (secure)]
Enigmail OpenPGP [link to addons.mozilla.org (secure)]

Instant Messaging, Communications, and File Sharing:
Pidgin Multi-protocol Chat Client [link to pidgin.im]
Pidgin OTR (Off the Record) Encryption Plugin [link to otr.cypherpunks.ca (secure)]
RetroShare [link to retroshare.sourceforge.net]
Tox (Questionable) [link to tox.im]

Text and Document Sharing:
ZeroBin [link to sebsauvage.net]
Gist [link to gist.github.com (secure)]

VPN Services:
IPredator [link to www.ipredator.se (secure)]
PIA [link to www.privateinternetaccess.com (secure)]

Open Source Firewall Distributions and Firmware:
pfSense [link to www.pfsense.org]
dd-wrt [link to www.dd-wrt.com]
OpenWrt [link to openwrt.org (secure)]

Anonymity Services:
Tor Project
Tor Browser Bundle
I2P Anonymous Network [link to www.i2p2.de]
Freenet [link to freenetproject.org (secure)]

Android:
CyanogenMod [link to www.cyanogenmod.org]
Replicant [link to www.replicant.us]
TextSecure [link to play.google.com (secure)]
RedPhone [link to play.google.com (secure)]
F-Droid App Store [link to f-droid.org (secure)]

Backup:
Tarsnap [link to www.tarsnap.com]

Network Analysis and Testing:
Kali Linux [link to www.kali.org]
Wireshark [link to www.wireshark.org (secure)]
dSploit (Android) [link to dsploit.net]

Monetary Systems and Payment Gateways:
Bitcoin [link to bitcoin.org]

Security and Privacy Related Websites and Blogs:
Schneier on Security [link to www.schneier.com (secure)]
Prism Break [link to prism-break.org (secure)]
Electronic Frontier Foundation [link to www.eff.org (secure)]
/r/privacy r/netsec
SecurityTube [link to www.securitytube.net]
erratasec [link to blog.erratasec.com]

Please post any experiences and/or knowledge of the pros/cons of such services and technologies and provide any suggestions of what others should research and consider using in their attempt to maintain some semblance of privacy in today's age of fusion processing centers and user identifying analytic systems.

Last Edited by archaisch on 05/10/2014 09:25 AM
archaisch  (OP)

User ID: 45315130
United States
10/12/2013 10:13 AM
Re: Privacy, Security, and Crypto in light of the Surveillance State
Along with using tools and services to help increase the level of privacy and anonymity while on the internet, it's also critical that you change your habits to make this effective.

Separate (sandbox) what you do online with these tools and do not use services that can track you or associate with your identity like using Google services, social media like Facebook, Twitter, etc. If you choose to use these services, use them with another browser, or ideally, another computer and never mix using the same browser/tool set for both activities.

Also seriously consider disabling the maximum number of browser plugins possible to minimize the attack vector exploits have against you. Flash, Java, and JavaScript should all be disabled as far as possible; obviously usability of some websites will degrade because of this.
archaisch  (OP)

User ID: 47744171
France
10/13/2013 09:24 AM
Re: Privacy, Security, and Crypto in light of the Surveillance State
Another important strategy is the concept of "Air Gaps", which is basically separating and isolating a computer or network from the Internet. [link to en.wikipedia.org (secure)]


This greatly increases the security of the isolated computer(s), which are typically only vulnerable to attacks from removable media like flash drives (e.g. Stuxnet).

You can further improve security by only transferring data between the air gap and Internet connected machines through optical media that is not RW.

Bruce Schneier, a cryptography expert, who has been discussing the technical implications of the leaked documents from Edward Snowden, has a good article on Air Gaps.

Here is the article: [link to www.schneier.com (secure)]

Just don't use Microsoft Windows on any of the machines you are planning to try to keep secure (duh).

Last Edited by archaisch on 10/13/2013 09:25 AM
archaisch  (OP)

User ID: 47970566
United States
10/16/2013 08:22 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
In a localized or Post SHTF scenario, Wifi Mesh Networks can be an important tool in communicating with people in your area for trade, news, or to start using to stay off of the WWW which will limit monitoring capabilities greatly.

One Wifi Mesh network showing a lot of promise is called Project Byzantium [link to project-byzantium.org]

From their about page:

----
The goal of Project Byzantium is to develop a communication system by which users can connect to each other and share information in the absence of convenient access to the Internet. This is done by setting up an ad-hoc wireless mesh network that offers services which replace popular websites often used for this purpose, such as Twitter and IRC.

These services and web apps were selected because they are the ones most often used by activists around the world to find one another, exchange information, post media, and organize. They were also selected because they stand the best chance of being easy to use by our intended userbase, which are people using mobile devices like smartphones, MP3 players, and tablet PCs.

Unlike most mesh implementations, a Byzantium Mesh requires no specialized equipment that may not be easy to get during an emergency, just an x86 computer with at least one 802.11 a/b/g/n wireless interface. It will run on just about any x86 computer, including later generation Macbooks.
----

I recommend you download an ISO and start checking it out. Could come in very handy if you have some other people in your area or community wanting to share information in a free but "off grid" manner.
archaisch  (OP)

User ID: 47872365
Sweden
04/26/2014 05:14 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
AirChat - Free Communications For Everyone
[link to github.com (secure)]

[link to vimeo.com (secure)]

-------
Why Airchat?
Because we strongly believe communications should be free,
Free as much as the air itself and all the waves should be.
Free for everyone everywhere, free for those oppressed, free for the poor,
free for the dissident, free for those living out of the boundaries
of the infrastructure created for those who were lucky enough to have more than others.
And free...well... because sometimes the non-free infrastructure itself fails.
--------
Anonymous Coward
User ID: 57372437
United States
04/26/2014 05:45 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
also, network traffic analysis software like wireshark
archaisch  (OP)

User ID: 47872365
Sweden
04/26/2014 06:05 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
also, network traffic analysis software like wireshark
 Quoting: Anonymous Coward 57372437


Thanks AC, added a Network Analysis Section to original post
pee in the wind
User ID: 38571581
United States
04/26/2014 06:19 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
how's the audit of true crypt coming along?
archaisch  (OP)

User ID: 47872365
Sweden
04/26/2014 06:22 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
how's the audit of true crypt coming along?
 Quoting: pee in the wind 38571581


[link to opencryptoaudit.org (secure)]

The results? iSEC, the company contracted to review the bootloader and Windows kernel driver for any backdoor or related security issue, concluded (PDF) that TrueCrypt has: “no evidence of backdoors or otherwise intentionally malicious code in the assessed areas.”

While the team did find some minor vulnerabilities in the code itself, iSEC labeled them as appearing to be “unintentional, introduced as the result of bugs rather than malice.”

[link to arstechnica.com]

[link to istruecryptauditedyet.com]
archaisch  (OP)

User ID: 55064924
Sweden
05/10/2014 09:25 AM
Re: Privacy, Security, and Crypto in light of the Surveillance State
300k servers still vulnerable to Heartbleed one month later
[link to blog.erratasec.com]
Anonymous Coward
User ID: 25244488
United Kingdom
05/10/2014 09:34 AM
Re: Privacy, Security, and Crypto in light of the Surveillance State
In light of neural monitoring it becomes imperative to protect passwords. A cheap, yet effective method, is to randomly generate a password of over 40 characters and never look at any portion of it beyond the first few characters.

If you don't know the password, neither does anything reading your brain patterns.
Apocalypse Troll
Trollicus Apocalyptus

User ID: 25348503
United States
05/10/2014 09:37 AM

Re: Privacy, Security, and Crypto in light of the Surveillance State
iSEC - Isn't that an NSA subsidiary?


Best thread of the day.


Airgaps are not as effective as you think:
[link to news.firedoglake.com]


The only air gap that can reliably work is on a battery powered device within an actively grounded Faraday cage.


Did you know that people can determine the data on your computer just by recording and decoding the sounds your cpu makes as it is processing data?
[link to www.zmescience.com]


So, add multiple multi-freq white noise generators to your cage...

Last Edited by Apocalypse Troll on 05/10/2014 09:40 AM
"Honor the Texas flag; I pledge allegiance to thee, Texas, one state under God, one and indivisible."

[link to www.statutes.legis.state.tx.us]
doteight
User ID: 58378811
France
07/22/2014 09:45 PM
Re: Privacy, Security, and Crypto in light of the Surveillance State
security is dead.

truecrypt is abandoned.
talk at blackhat conf about deanon torproject users pulled.
tails reported by forbes to have zero day exploits for sale.

long live security




