Wednesday, February 20, 2008

Censor this.

Why do people have no clue? Seriously first it was China with their great firewall. A laughable joke. Proxies and the like make it easy to get around. Heck there is a service I heard about a few years ago, where you can sign up, they allow an encrypted connection to your PC and use your bandwidth to get around the firewall.

Now it's the issue. Wikileaks is a web site that allows anonymous whistle blowing. A swiss bank had the whistle blown on them, about money laundering. So they found a moron symptomatic judge (bought and paid for most likely) to have the domain name taken away. It appears that it is better to protect the company than it is the consumer. A sad thing that is getting bigger and bigger in the US.

Seriously people, the companies and the government want to know what you are talking about. They want to control you. FISA and the like aren't about saving people, it's about control.

Its time to up the game. Use Tor, use PGP / GPG, SSH, SFTP, Password Safe, and TrueCrypt.

Tor will let you surf the web more anonymously. It makes the job of finding out where your going, and where you are harder. Basically it bounces you around a bunch of other computers before you get to the web server.

PGP / GPG, encrypt your email. Make it so only those you want to read your email can. Yes you can get it to work with gmail too.

SSH and SFTP encrypt your connection to terminal and ftp servers. Normally your password is sent in plain text, and anyone with a packet sniffer can see what that password is. SSH and SFTP encrypt the connection between you and the server. Meaning that they can't read your password, or what your getting from a packet sniffer.

Passowrd Safe securely store your user names and passwords. It has a nice gui in windows. It stores the data in an encrypted file. You can double click an entry and it will securely copy it to your clipboard for pasting, and the clears the clipboard when it minimizes or closes.

Lastly TrueCrypt offers Full Disk Encryption (as of version 5.0) that requires pre-boot authentication (for windows, need to check on Linux, and Mac OSX is planed for later). It provides some other nifty things too, like encrypted containers, that you can hide a second encrypted container in. That way if your computer is stolen, your data isn't accessible. Well after it powers off. It also works well on USB drives. I recently got an 8 gig drive, that I've put an encrypted container on. When I plug the drive it, it pops up the auto run menu, and asks if I want to mount the drive. I don't have to. I do have some stuff outside the encrypted section, but that's encrypted in a different way. There are some other tools that can do the Full Disk Encryption, like PGP, but Truecrypt is open source and only costs the price of the download.

No comments: