no way to communicate in private online

hawkwind23

just been reading about the shut down of several web services.
it would appear that these sites respected clients privacy and have been forced to hand over all their data for investigation!
either that or shut down.
so it would appear that confidential discussion and networking is now outlawed
crazy!!

http://www.theregister.co.uk/2013/08/20/groklaw_to_shut_down/

https://lavabit.com/

http://www.computerworlduk.com/news/security/3463163/email-provider-for-nsa-whistleblower-snowdon-shut-down/


not a "conspiracy theory" as such but should be noted that the actions taken on the above sites would lead one to believe that EVERYONES data is of interest and nothing is to be off limits

Tzar Chasm

well there might be a conspiracy angle too, there seems to be a concerted effort to link Tor to child porn and use that as an excuse to shut it down.

hawkwind23

by the look of it they will either ask for their algorithms or shut them down although i dont think Tor stores any data?
why the aggressive actions toward those that want some simple privacy?
when i am sharing sensitive information in a conversation i dont expect every tom dick and harry to be listening in and recording what is said
why should my digital conversations be any different?

Dubwat

http://www.theregister.co.uk/2013/08/22/guardian_snowden_advice/ (22 Aug 2013)

Title: Four ways the Guardian could have protected Snowden – by THE NSA
Subtitle: Spooks' own advice lays out exactly how this crypto wypto hypto thing works

The Guardian's editor-in-chief Alan Rusbridger fears journalists – and, by extension, everyone – will be reduced to using pen and paper to avoid prying American and British spooks online.

And his reporters must fly around the world to hold face-to-face meetings with sources ("Not good for the environment, but increasingly the only way to operate") because they believe all their internet and phone chatter will be eavesdropped on by the NSA and GCHQ.

"It would be highly unadvisable for … any journalist … to regard any electronic means of communication as safe," he wrote.

El Reg would like to save The Guardian a few bob, and reduce the jet-setting lefty paper's carbon footprint, by suggesting some handy tips – most of them based on the NSA's own guidance.

(It's quite possible the Graun's able staffers have already thought of all this, and whistleblower Edward Snowden eventually taught his contacts how to use PGP, but allow us to throw it out there anyway for everyone to consider.)

hawkwind23

http://www.independent.ie/irish-news/eric-eoin-marques-28yearold-architects-son-from-dublin-accused-of-being-worlds-biggest-dealer-in-child-abuse-images-29525485.html

“The person, or persons, who run Freedom Hosting are in no way affiliated or connected to The Tor Project, Inc., the organization coordinating the development of the Tor software and research. In the past, adversarial organizations have skipped trying to break Tor hidden services and instead attacked the software running at the server behind the dot onion address. Exploits for PHP, Apache, MySQL, and other software are far more common than exploits for Tor. The current news indicates that someone has exploited the software behind Freedom Hosting. From what is known so far, the breach was used to configure the server in a way that it injects some sort of javascript exploit in the web pages delivered to users. This exploit is used to load a malware payload to infect user’s computers. The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We’re investigating these bugs and will fix them if we can,” Tor said in a statement.

mcmoustache

People can communicate privately using RSA aka Public/Private key encryption. You do it all the time with https.

Say I have a keypair and you have one too. We both publish our public keys. If I want to send you a message, I can encrypt it with my private key and you can decrypt it with my public key. Unfortunately, so can anyone since my public key is, well, public.

Now, if I also encrypt the message with your public key, then the message can only be decrypted with your private key (with my public key).

As long as our private keys are secure (key management isn't trivial but it's not that difficult either), then it's impossible for an eavesdropper to decrypt the message.

You can add more layers of complexity such as PGP or use the above system to share a symmetric key but the idea is pretty much the same.

Encryption works and has been working fine for years. It just hasn't been adopted by too widely adopted for some reason.

With regard to key management, if you are running Windows and an antivirus program, your private key could be easily compromised. The NSA is very likely to have backdoors and they can demand them without the software vendor being allowed to admit to providing them. It's possible that the backdoors don't exist but if you want to be safe, use paranoid linux or an operating system whose binaries aren't created by an organisation that can be bought.

hawkwind23

thanks for the post , its something i will read more information on.
i chat with my kids and some friends online and as much as we talk **** i dont like the idea of someone being able to listen in at will.
simple invasion of privacy.

shanered

It looks like some communities in places such as Greece are setting up "off-grid" networks.

http://www.dailydot.com/politics/greek-off-the-grid-internet-mesh/

seanie_c

You can setup Thunderbird with Enigmail + PGP for secure email between 2 parties but NSA apparently pay special attention to data that's encrypted and can crack it if they want.

I use PGP for some e-mail but generally don't care if NSA reading my mail or not. It's the companies where the emails are stored I'd have more of a problem with or if the email is compromised by an attacker, this bothers me more.

Retroshare is gaining popularity for it's encrypted features but I haven't used it and can't personally recommend it...

If you want encrypted IM, (Instant Messaging) Jabber with PGP will do the job.

Sonics2k

hawkwind23 wrote: »

thanks for the post , its something i will read more information on.
i chat with my kids and some friends online and as much as we talk **** i dont like the idea of someone being able to listen in at will.
simple invasion of privacy.

The irony of course being that, the more you encrypt stuff, the more people will want to pay attention to it.

It's like having a giant flashing red button with Do Not Press on it.

hawkwind23

Sonics2k wrote: »

The irony of course being that, the more you encrypt stuff, the more people will want to pay attention to it.

It's like having a giant flashing red button with Do Not Press on it.

exactly!!!
how mad is that? its very infuriating
your a suspect for wanting to have privacy.