The presentation given by Jacob Appelbaum and Laura Poitras at the 31st Chaos Communication Congress has touched off a wave of articles about the places where the NSA either can or can’t surveil you. Concurrent with this talk, Der Spiegel released over forty documents from the Snowden leak that support the technical points Appelbaum addressed. These documents have touched off a running discussion in Hacked’s chat channel, and we’d like to share some of our observations.
Things You Should Not Use
There are a variety of things you should not use anymore, and Skype belongs at the top of the list. Your voice communications and text chats are accessible to the NSA, and they have been for a couple of years. The alternative that horrifies NSA analysts the most is Phil Zimmermann’s ZRTP encrypted voice protocol. Implementing this is painless, since you can just switch to Jitsi, an open source competitor to Skype.
Virtual Private Networks sometimes offer PPTP, the point to point tunneling protocol, as an option. This was popular with Windows users, as no additional client software was needed, but the protocol is and has been painfully weak for many years. IPSec can be safe, but there are many configuration options and a significant learning curve, even for the technically minded. OpenVPN connections, which depend on the OpenSSL encryption package, seem to be the right balance of protection and ease of use.
Zero Customer Knowledge VPNs, as pioneered by Cryptostorm, are an excellent OpenVPN option. They provide an introductory low-speed service, Cryptofree.me. If you want to experiment with both PPTP and OpenVPN, Romanian provider VPNBook offers free connections. Unlike Cryptostorm, there is no obvious revenue model supporting VPNBook, so be mindful that they likely make their way by selling information about what you do with their network.
The NSA has massive compute resources at their command, including farms of cryptographic ASICs similar to Bitcoin mining operations, only they are dedicated to picking apart encrypted traffic streams. They are actively hunting and recording public key cryptography sessions so they can crack them in bulk. If you use software with configurable key lengths, make sure you choose the longest one possible, which is often 4096 bits, and be sure you use a long, strong passphrase to protect your keys.
Things that Work Well Against the NSA
Technology counted as ‘catastrophic’ by the NSA includes the Tor anonymizing network, particularly when accessed using TAILS, The Amnesiac Incognito Live System, a hardened Linux distribution that will run well on netbooks and older computers. This is a live distro, which means you can put it on a thumb drive attached to your keychain for those times when you are forced to use a public computer. Not mentioned in the talks, but similar to TAILS, the Whonix distro provides an even more hardened environment, but it requires a machine large enough to run two VirtualBox machines at once.
Chats protected by Off The Record (OTR) are undecipherable for the NSA. Did you already install Jitsi for its ZRTP voice capabilities? If so, you’re in luck, because that program also provides OTR encryption for text chat. Jitsi offers support for Jabber, Yahoo, and even Facebook. If you use a network that isn’t supported by Jitsi, your next choice for a client is Pidgin if you’re on Linux/Windows or Adium if you use OSX.
Email encrypted with Pretty Good Privacy (PGP) or its free software implementation, GNU Privacy Guard, is a terrible problem for the NSA. This is one of those places where a 4096 bit key is needed, and some programs still default to only 2048. If you are not yet encrypting email, things have gotten a lot easier, which we described in Making Encrypted Mail Usable.
Whisper Systems offers SMS text message encryption software and a year ago this was added to the CyanogenMod OS, a free and open alternative to Google’s Android, creating a potential ten million new users as people upgrade their systems. They also have a voice application, Red Phone, which gets high marks.
How You Can Help
Many of the documents released offer hints about what you can do to make the NSA’s admittedly fragile access to your communications completely impossible. There are going to be many guides published in the coming months as people take steps to ensure their privacy. Reading them and fostering the good practices you find is important, but here are two simple actions you can take immediately.
If you have a computer that is on 24×7, both TAILS and Whonix are distributed by torrent. If you can spare the disk space, download them both and leave your torrent client running.
If you have good bandwidth at home, configure that computer that is on 24×7 to be a Tor relay. If your home computer runs Linux, this involves installing a single package, opening a port in your firewall and uncommenting a few lines in the config file. The only hazard is that the default configuration sets your system to be not just a relay, but also an exit. Find the line that says ExitPolicy and disable it until you understand the risks. You can learn more about this by reading the tor-relays mailing list.
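An added example, not part of the original article: a shell function that checks whether a torrc describes a relay that refuses exit traffic. The file names, nickname and port are constructed samples, and the check is deliberately conservative: anything short of an explicit `ExitPolicy reject *:*` as the first rule, or `ExitRelay 0`, is reported as a possible exit, in line with the default the article describes.

```shell
#!/bin/sh
# Added example: classify a torrc as not-a-relay, non-exit or may-exit.
# Conservative: a relay is "non-exit" only when exiting is explicitly refused.
torrc_exit_status() {
    awk '
        { sub(/#.*/, "") }                       # drop comments
        NF == 0 { next }                         # skip blank lines
        { key = tolower($1) }                    # option names are case-insensitive
        key == "orport" && $2 != "0" { relay = 1 }
        key == "exitrelay" { exitrelay = $2 }
        key == "exitpolicy" && !seen {
            # Rules are matched in order, so only the first one can
            # guarantee that nothing is allowed out.
            seen = 1
            rule = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", rule)   # strip the option name
            sub(/,.*/, "", rule)                    # keep the first rule only
            gsub(/[ \t]+/, " ", rule); sub(/ $/, "", rule)
            first = tolower(rule)
        }
        END {
            if (!relay) print "not-a-relay"
            else if (exitrelay == "0" || first == "reject *:*") print "non-exit"
            else print "may-exit"
        }
    ' "$1"
}

# Constructed sample files (nickname and port are placeholders).
demo_dir=$(mktemp -d)
cat > "$demo_dir/torrc.relay-lines-only" <<'EOF'
ORPort 9001
Nickname ExampleRelay
#ExitPolicy reject *:* # no exits allowed
EOF
cat > "$demo_dir/torrc.non-exit" <<'EOF'
ORPort 9001
Nickname ExampleRelay
ExitPolicy reject *:* # no exits allowed
EOF
for f in "$demo_dir"/torrc.*; do
    printf '%s: %s\n' "${f##*/}" "$(torrc_exit_status "$f")"
done
rm -rf "$demo_dir"
```

Run it against your own config file before opening the relay port on the firewall; a `may-exit` result means the exit setting still needs attention.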
Providing storage and distribution for good tools, coupled with adding capacity to the Tor network for those who want to use them, doesn’t just benefit them; you’re getting a constant smoke screen of traffic which will help conceal your activities.