Ten Steps You Can Take Right Now Against Internet Surveillance

[Coleman Smith]

Ten Steps You Can Take Right Now Against Internet Surveillance

I was wondering how many here use encrypted email, V.P.N.'s , disc encryption, secure deletion and regularly wipe the free space.

I use VPN when using public WiFi.

I use file encryption but on my next PC I will probably upgrade to whole system crypt.

 

[Tom Sawyer]

Just note that if you do take steps against internet surveillance, you'll be flagged as a possible subversive and your online activity will be more closely monitored.

 

[Coleman Smith]

Just note that if you do take steps against internet surveillance, you'll be flagged as a possible subversive and your online activity will be more closely monitored.

Probably true.

I am just concerned about ID theft etc.

If the Feds moniter me I am most likely to be charged with felony boring

 

[angelo]

Probably true.

I am just concerned about ID theft etc.

If the Feds moniter me I am most likely to be charged with felony boring

Then suspicion may arise because of the boredom.

 

[steve_bnk]

Hey man, did you really mean that in your last email?

I use Decrypt 5.3, it decrypts pretty much everything.

 

[Coleman Smith]

Hey man, did you really mean that in your last email?

I use Decrypt 5.3, it decrypts pretty much everything.

I posted but did not send an email so I assume that you are referring to my post.

Don't know about Decrypt 5.3 and could not find any articles on it on the internet.

I did recently complete an 11 week civilian police academy and asked the computer lab director of the regional crime lab if they, or to their knowledge, the FBI can break TrueCrypt.

He said no.

I am not disputing what you said but I would be surprised if Decrypt 5.3 is a threat to the CIA.

"The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation."

http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/

I am not disputing your statement but I would like to see a demonstration against TrueCrypt.

It would even more interesting if it breaks a triple cascade.

 

[steve_bnk]

Don't know about Decrypt 5.3 and could not find any articles on it on the internet.

I did recently complete an 11 week civilian police academy and asked the computer lab director of the regional crime lab if they, or to their knowledge, the FBI can break TrueCrypt.

He said no.

I am not disputing what you said but I would be surprised if Decrypt 5.3 is a threat to the CIA.

"The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation."

http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/

I am not disputing your statement but I would like to see a demonstration against TrueCrypt.

It would even more interesting if it breaks a triple cascade.

That was sarcasm on my part. Point being I doubt us mere mortals will ever know what the exact capabilities are of the security services.

When you encrypt with any known tool assuming there are no back door susceptibilities it comes down to the number of possible key combinations.

My guess would be the NSA has a vast array of cheap computers that do nothing but brute force attack an encrypted file with a key.

As far as I know the only truly unbreakable encryption is a 'one time pad'. As an example you and a partner want to transfer a document.. You both agree on a book that you keep secret. You substitute your message characters for a character in the book defined by the number of the character counted from the start of the book. Never use the same character position in the the book twice.



Pad comes from the early usage of the technique in which encryption was done using a random set of characters on a large pad. One ripped off a sheet character by character as it was used. Decryption used tge same pad.


http://en.wikipedia.org/wiki/One-time_pad

http://en.wikipedia.org/wiki/Realcrypt

It would appear there are susceptibilities.


If yiu sequentially encrypot with random multiple algorithms what you do is make the brute force time long enough to be considered unbreakable.

 

[Coleman Smith]

That was sarcasm on my part. Point being I doubt us mere mortals will ever know what the exact capabilities are of the security services.

Really, they report to me dailey.

When you encrypt with any known tool assuming there are no back door susceptibilities it comes down to the number of possible key combinations.

My guess would be the NSA has a vast array of cheap computers that do nothing but brute force attack an encrypted file with a key.

I agree but there are few who have the capabilities of the CIA and doing nothing is the surest route to failure.

As far as I know the only truly unbreakable encryption is a 'one time pad'. As an example you and a partner want to transfer a document.. You both agree on a book that you keep secret. You substitute your message characters for a character in the book defined by the number of the character counted from the start of the book. Never use the same character position in the the book twice.

Snip for brevity

One Time Pads are generally the subject of every book and college course on the history of encryption.

They are in fact believed to be the only perfect cypher provided that the parties follow the rule and never use the same code twice.

However, the OTP is rarely used in the modern context because it is slow. How long would it take to text using a one time pad.

In addition to encryption alone there are ancillary procedures that can be used to obfuscate the presence of the code.

I am not going to go into those procedures because I do not want to publish information on the web which might give aid and comfort to criminals and /or terrorist.

 

[Mumbles]

Probably true.

I am just concerned about ID theft etc.

If the Feds moniter me I am most likely to be charged with felony boring

Oh, Tom Sawyer is definitely correct on that one.

Anyway...there are a few basic rules I follow, such as watching which web site I'm using, avoiding any public WI-Fi spot for anything such as banking, and the like. I personally don't see a need to, say, encrypt my email, but then I don't do anything that could damage me over public email systems to begin with. That could easily be different for other people.

And the rest is built on trust for other parties - primarily corporations that you give account info to. Um...that can be tough to deal with, Ihave no good answer for it.

 

[steve_bnk]

I am doing nothing worth monitoring.

I don't care who reads my emails.

I am party to no secrets about anything.

I have nothing on my PC worth stealing or encrypting.

I am not really worried about the govt who in the end will have some public accountability.

It is more the Goggles and Yahoos.

Yahoo scans emails looking for keywords to target you with advertising. When yiu agree to the typical TOU they can di just about anything with your data. And they do.

Courts have ruled that telecommunications trough a third party is not subject to privacy.

If you communicate through any link that is not required to ensure privacy, you can not claim privacy. in the old days when operators worked manual switchboards,the principle is obvious.

If yiu speak loudly in a coffee shop about some great secret, obviously you have no expectation of privacy or control over what anyone does with what they hear you say.

When you sign up for a cell pho0ne or ISP is there any guarantee of privacy in the agreements?