...as one former NSA official noted, "You have to assume everything is being collected." (Read More)Update 05/28/2014 - TrueCrypt is now defunct
As much interest I have in encrypting confidential communications and data that K-12 schools are involved in, there seems little point in attempting to do so under the full scale assault of governments--American and British--tapping into the Internet pipe via PRISM, MAINWAY,MARINA, and NUCLEON, as well as their foreign counterparts . You'd think that with all that computing firepower, they'd be able to bring about the "world peace" equivalent when it comes to identity theft!
Not only that, but that encrypted communications can actually be archived and kept LONGER than unencrypted ones...well, that's too much.
...specifically to encrypted information, allowing it to gather the data regardless of its U.S. or foreign origin and to hold it for as long as it takes to crack the data’s privacy protections.Worse, if you're using a Windows computer (switch to Linux or Mac), then there's a definite certainty that you are being spied upon:
The agency can collect and indefinitely keep any information gathered for “cryptanalytic, traffic analysis, or signal exploitation purposes,” according to the leaked “minimization procedures” meant to restrict NSA surveillance of Americans. ”Such communications can be retained for a period sufficient to allow thorough exploitation and to permit access to data that are, or are reasonably believed likely to become, relevant to a future foreign intelligence requirement,” the procedures read. (Read more)
A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use - See more at: http://therebel.org/stone/655776-full-nsa-access-built-into-every-windows-os-since-1997#sthash.dz5TpuZ6.dpufThose facts aside--that EVERY communication we participate in is being archived and that encrypted communications are being kept indefinitely just in case--I'd like to encourage EVERYONE to use encryption for their communications, storing files on cloud storage, etc. Send a message to the President of the United States, to the National Security Peepshow Agency. And, it's still important to protect confidential data.
My go to security tools include the following; I've included my advice at the end of each section with a short wrap-up at the end:
- Password Protection - Keep track of passwords in a secure way.
- Use Secure Passwords - Both KeepassX.org and Secure Password Generator can create high quality passwords. Take advantage of this.
- KeepassX - This is my favorite password tracking tool. You can save the file on Dropbox--but you don't have to--then access it from any device (e.g. iPad, Android, Mac/Win/Linux computer). It's no-cost, free open source, and your passwords are encrypted by a single password.
- 1Password - If you aren't afraid to spend money and save your passwords in the cloud, then this may be the solution for you. They just beefed up their encryption to protect against the NSA.
- Advice: Use KeepassX...please don't store your critical info in GoogleDocs.
- File Encryption - Protect sensitive files/documents.
- Secure Space Encryptor (SSE) - This works great on Android and Win/Mac/Linux computers with its java equivalent. It's my new go-to tool because it not only lets you encrypt individual files, it also can handle folders! On Android, you can also encrypt text messages, which is great!
- AESCrypt.com - Another phenomenal encryption tool that works at the command line and has a nice GUI. You can use it on Mac, Win, Linux computers and with Crypt4All Android app (slightly limited).
- Truecrypt.org - This is different than the two previous products, since you essentially create a "box" and drop all your confidential files in that. Works great, easy, and should be used in combination with one of the other solutions.
- Advice: My advice is to go with SSE and TrueCrypt for a winning combination. If you use Dropbox, Box.net, then any one of the solutions above would work for you. For individuals, you might also consider Boxcryptor. A Windows only no-cost solution is EncryptFiles.
- Email Encryption - Encrypt the text of your emails
- Mailvelope - This is my go-to text encryption add-on for Firefox and Chrome browsers. If you're using Thunderbird email client, you'll want to use probably use Enigmail. Both solutions require knowledge of GPG/PGP public/private key encryption and probably will not be a good solution for most people who aren't serious about encryption.
- Advice: Type your message, save it to a document, encrypt the document using SSE File Encryption and email that as an attachment or share it as an anonymous attachment through a solution like TransferBigFiles.com or YouSendIt.com.
- Protect Your Browsing Habits - Try to keep where you go online to yourself.
- Use extensions like HTTPS Everywhere.
- Virtual Private Network (VPN) - You'll want to take advantage of a VPN. Read these articles to get some background info. Or, setup your own.
- Tor Browser Project - Take advantage of the TOR Browser Project. It protects your location. The Onion Router (TOR) Project makes it easy to surf anonymously. Read their explanation for more information. There are iPad, Android apps you can use for "tor" or "The Onion Router."
- DuckDuckGo - This is one of those browsers that doesn't track you.
- Turn Off Google History.
- Advice: Ugh, this is tough to keep up consistently so be prepared to spend a lot of time on this one. Be sure to Trace Your Online Shadow.
If we continue to permit this, the ultimate fault and blame will not be with our government or our leaders, but rather with ourselves. (Read More)RECOMMENDATIONS:
The most flexible solutions for me include the following:
- For encrypting email messages, take advantage of youFourmilab's web page on your own computer or server to encrypt text messages. Use secure passwords.
- For files/folders, take advantage of Secure Space Encryptor (SSE) tool, and, if you don't want people to glean information from the filenames, use Truecrypt.org.
- Save all your passwords in KeepassX.
- Use Tor Browser Project to protect your location; it comes with HTTPS Everywhere.
All these solutions take advantage of AES-256 encryption.