Monday, September 2, 2013

Open Source Encryption Tools to Protect #Privacy #nsa (Updated 11/2018)

I was totally unprepared for today's bombshell revelations describing the NSA's efforts to defeat encryption. Not only does the worst possible hypothetical I discussed appear to be true, but it's true on a scale I couldn't even imagine. I'm no longer the crank. I wasn't even close to cranky enough. Source: On the NSA
For all my fellow cranks out there, a concise list of my free open source software (FOSS) favorites. All these solutions take advantage of AES-256 encryption. 

Update 11/2018: Streamlined List
Since I first wrote this a few years ago, I've streamlined my tools. Here's the list of my daily use tools:
  1. Computer: 
    1. Operating System(s):
      1. Work: Use whatever works best (e.g. Windows, Mac)
      2. Personal: GNU/Linux (e.g. UbuntuTAILS)
    2. Encrypted Files/Folders...
      1. on a hard drive (external/internal): Veracrypt
      2. individual files/folders: Secure Space Encryptor
    3. Encrypted End to End Messaging via Your Computer: Signal
    4. Encrypted Email: ProtonMail.ch via web or Thunderbird
    5. Virtual Private Network: Private Internet Access
    6. Browser: Tor Browser
    7. Password Management: Keepass2
  2. Chromebook: 
  3. Mobile Phone
    1. Encrypted End to End Messaging: Signal
    2. Encrypted Files: Secure Space Encryptor app
    3. Encrypted Email: ProtonMail.ch
    4. Virtual Private Network: Private Internet Access
    5. Search Engine/Secure browser: Duck Duck Go
    6. Block RoboCallers/Spammers: Hiya
    7. Password Management: KeepassDroid
    8. Check vulnerabilities on your phone: NYC Secure
When people look at this list, they say, "Wow, how do you use these?" This diagram tries to explain it.


Older info:

At the end of each section, I share my recommendation.

1. Encrypted Email & Encryption Tools
Recommendation: For end to end encrypted email, I use ProtonMail and have for awhile.  I also use ParanoiaWorks' Text Encryptor for extra stuff, even though ProtonMail now offers PGP encryption in addition to its built-in encryption. 


2. Encrypt Your Files/Folders


Recommendation: TAILS is my new friend for encrypted content, and I often use the Disk Utility to encrypt external USB drives now that Truecrypt is defunct. I also use Keepassx to track my passwords. I wish more educators would take advantage of these tools since that would help prevent data breaches of student/staff personally identifiable information!


3. Security & Encryption in Your Internet Browser
    • TAILS - This is the way to go and works great. Read the Linux Journal for getting started guide, although TAILS Documentation is easy to follow. This is a very nice package for encrypting everything and also supports encrypted USB external drives.
    • Use Tor Browser Project (the 2.4 version, not 2.3) to protect your location; it comes with HTTPS Everywhere
    • Browser add-ons:
      1. AdBlock for Firefox/Chrome - Blocks banners, pop-ups and video ads - even on Facebook and YouTube and Protects your online privacy
      2. Facebook Privacy List for Adblock Plus - Enhances AdBlock Plus.
      3. Facebook Disconnect for Chrome and Firefox - Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally-identifiable information to third parties. This turns off data flow.
      4. Priv3 for Firefox - The Priv3 Firefox extension lets you remain logged in to the social networking sites you use and still browse the web, knowing that those third-party sites only learn where you go on the web when you want them to. 
      5. Ghostery - Ghostery looks for third-party page elements (or "trackers") on the web pages you visit and notifies you that these things are present, and which companies operate them. If you wish, choose to block the trackers they operate.
      6. Do Not Track Plus, and for fun,
      7. HTTPS Everywhere
Recommendation: Use TAILS if you must be encrypted. Otherwise, adding all this stuff to your browser of choice will be a pain.

4. Mobile Phone Apps
  1. Signal - Works on iOS and Android to send end-to-end encrypted SMS. Offers phone calls, text, image and voice messages that are encrypted if you use their encrypted chat option.
  2. Duck Duck Go app -
  3. Private Internet Access Virtual Private Network (VPN)
  4. HiyaHiya partners with carriers and smartphone makers to offer caller profile solutions and spam protection for their customers
  5. Secure Space Encryptor App
  6. NYC Secure
  7. Finally, if you really want to attempt security from the operating system up, give Replicant OS for Android phones a try.
Recommendation: Of these messaging apps, I'm using the free open source and no-cost Telegram. Works great! As to Replicant OS, I'm not so sure and given my current phone so I can't switch to that.





Check out Miguel's Workshop Materials online at http://mglearns.wikispaces.com


Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure



No comments:

The Courage to Lead