The right of the people…
By Delta01
Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
This is a high speed-low drag overview of electronic security options available to safeguard your electronic communication freedom. I will mention the software or type of software and application; you can use non-logging DuckDuckgo.com or Startpage.com to search for more detailed info, use and installation.
In a nutshell the electronic “information” of every American is being recorded by a tyrannical Government. The recent events regarding the NSA and Verizon, violating the 4th amendment and monitoring every customers (97,000,000 million folks) phone calls are very disturbing.. I personally have never trusted the government to safeguard my freedom and privacy. I have always assumed the government can and will monitor everyone. My lack of trust thrust me into the world of computers to learn how to protect myself from an eavesdropping government. The list posted below represents a small snippet of what is available. If you do not like or understand specific software you can search for another type. I am merely planting a small seed of knowledge. If you need help with a specific install or need advice you can always Bitmessage (encrypted anonymous messenger) me at (my address) BM-2DCExbSNY4Ca4Mm1xnKMiZBFE5RoDLN1K2 . You will need to install Bitmessage and configure your identity to be able to send a message to me.
The List:
EDS Lite: Android phone/tablet Truecrypt encryption application
SeeCrypt: Andriod phone (smart phone) VOIP phone call encryption
RedPhone: Encrypt Andriod phone calls (phone to phone, not voip)
TrueCrypt: Strong whole disk(before booting) encryption for laptops and computers
BitMessage: Anonymous encrypted messenger
Dooble: Encrypt all internet browsing data/ Encrypted web Browser
DNScrypt: Encrypt the web address lookup information coming from your computer
Secure Eraser: Securely wipe/erase data, slack space and free space on your computer
Bitwise: Encrypted chat
Qubes: Secure linux operating system
Batch purifier: Removes file metadata (like gps location, name etc from photos and files of all types)
Whonix: Anonymous virtual system that runs through TOR
Tor Bundle: Anonymous web surfing (do NOT click on java, flash etc while surfing)
TOR Birdy: Anonymous email through TOR
TextCrypt: Encrypted Android phone text messages
Axcrypt: File encryption
CCleaner: Use custom install and uncheck added crapware, also go in advanced and uncheck files older than 24 hrs (cleans internet activity)
Bleachbit: Deep cleans web stuff and misc files off your computer (Dear God be careful, do NOT just check every box)
OpenPuff: Steganography encryption software to embed encrypted files inside photos and sound files.
Minimum safe practices would be as follows.
Install truecrypt whole disk encryption with a 50+ character passphrase (example of 50 you CAN remember: $$$$$$$$$$+++++QQQQQQQQQQ?????bbbbbbbbbbAAAAAAAAAA) and use 2 chaining encryptions (do not use Aes and ripe 160 alone, better to run AES/Twofish chained encryption). To hack that password: Massive Cracking Array Scenario:(Assuming one hundred trillion guesses per second)9.52 trillion trillion trillion trillion trillion trillion centuries. Good luck!
Install Thunderbird mail and open PGP encryption
Install DNScrypt
Install Tor Bundle
On the phone install Seecrypt or Redphone or both
Install Bitmessage
You could also sign up with a secure non-logging out of country VPN service like EarthVPN for $4 dollars per month. Make sure you use a prepaid credit card and buy it with cash. Use Torbundle to surf to Earthvpn and pay with your prepaid card.
Two warnings. Skype encryption most likely has been hacked by the NSA or the key was given to them by Skype. Its not to be trusted for anything other than soup recipes. Also IPV6 can embed geolocation information as well as computer fingerprints (mac ID) into your IP address. Windows is supposed to scramble this but Macs and Linux does not. It is best to disable IPV6 unless you know how to test your IP for leaks.
Delta
Delta thanks for getting this information out. Smartphone’s are tough to protect, could also recommend a Blackberry that has built in encryption or getting a smartphone off contract through a noncompliance provider (T-Mobile?) charging it each month with a cash purchased card. (Walmart has these). Never associate your name to that device and use the encryption you recommended. (Save contact data locally to device not to cloud providers) Also Windows 8 has Bitlocker built in if the BIOS can handle it. Haven’t had time to review the strength of it yet, since it is from MSFT I am guessing the NSA has the keys to that as well.
I hate to tell you this but with Windows 8 most people who are not tech savvy will not be able to reformat the hard drive of their computers because Microsoft is embedding the operating system all the way down to the BIOS which this is bad because that means it will let everything be known about your computer even down to the mac address. Bitlocker is a big joke also. I was going to college and one of my instructors had a retired FBI agent that dealt with computer forensics and we asked him about encryption and he told us that one of the best out there was TrueCrypt or BestCrypt. He said that even they were not able to crack the encryption on those two.
[…] The right of the people …By Delta01 […]
Warning!
NEVER trust NON-open sourced software for encryption. Especially software from the likes of Microsoft. I would not trust the Crackberry encryption either. Always assume the Feds have the key to any company that sells or gives out encryption software. Run truecrypt whole disk encryption (open source) and if someone is knocking at the door pull the plug on the computer BEFORE answering. Unless they have keylogged you they are NOT getting in to your computer provided you used a 50+ character passphrase not in a dictionary.
Anon while I would agree with you on the non-open source software, the link I am going to leave is why I trust Blackberry more than other say Microsoft or Apple.
http://www.zdnet.com/blog/igeneration/blackberry-encryption-too-secure-national-security-vs-consumer-privacy/5732
Also it is a Canadian based company, which means it is not regulated by the US and would stand a better chance at not being bullied into anything like the list of others we are seeing with current issues. Still I don’t trust technology to be secure at any point either way. Also a few days back there was discussion about someone refusing to give up the encryption password even under court order or be found in contempt.
Forgot to post this one too. Again could be to trusting with it but still a decent option.
http://crackberry.com/blackberry-encryption-time-talk-turkey
Delta, thanks for the info on Bitmessage, checking into it now.
From what I read the ‘main’ way for them to defeat serious encryption is the use of KeyLoggers. Here is a link to a now dated article that might be of interest –
http://news.cnet.com/8301-10784_3-9741357-7.html?tag=rtcol;relblog
I think keyloggers are injected as a virus. They also use Tempest and Van Eck. In fact I think the new smart meters they are forcing down our throats at gun point are part of the Tempest program which most likely has another name by now. If I wanted your password I would do one of the following. Keylog, use a keylogger device between the keyboard and computer, use a keylogging keyboard that matches yours, use a High-def pinhole camera in your ceiling above your keyboard and or shove my gun in your mouth and ask for the key nicely 🙂
The only way to stop the bad guys from getting your keys are to ONLY use a laptop and NEVER let it out of your sight. Of course you would have to take numerous steps to make sure the keylog-virus did not get on your computer via the internet. One way to protect the machine would be to run a copy of a Virtual machine (heavily protected), run a browser in a sandbox on the VM and delete the VM copy every time you go off-line. Make sure to put a towel over your hands while you type the passphrase and boot the whole disk encrypted laptop. People used to call me paranoid and now those same people are asking for my advice to remain secure and private.
On another paranoid note. You could download a copy of a secure Linux “LIVE” distro and burn the img to a CD/DVD. Boot to the DVD and run your operating system in that manner. I would first disable/turn off the hard drive in the BOIS before booting the DVD so there is NO chance of something hopping over to it.
All,
BitMessage was a ‘non-issue’ to install, smooth process on both Win7 and Linux.
Should you install and need to test, my BitMessage address is
BM-2DBGBMu3Fn3gtaEDag1ts9FBSEAhWBVZHb
I do prefer the Linux version, gives me a better idea of what is going on with connect to the outside. GL to everyone.