Here is a speech I gave at last year’s Porcfest, just recently published. Enjoy!
Archive for the ‘Online Security’ Category
Since World War One the United States has engaged in wars of aggression and military occupation in Central America, the Caribbean, Europe, Africa, Asia, and the Middle East. To this day the US military occupies 56 bases in Germany, 113 facilities in Italy, and 84 in Japan. They have an armed force in the “demilitarized zone” on the Korean peninsula, and hundreds of bases in at least 70 different countries.
Ed Snowden does an even greater job at damning computing devices in this interview than he ever has in preivous interviews. He specifically mentions how easy it is for state spy agencies to read everything we type, take pictures and video at will, and also audio record even when we’re not using our devices.
Now he doesn’t specifically delve into the free vs. non-free software issue, frankly because there are so few people that run 100% free software. He simply says they can do these things against all of us. The lesson to be learned from all of this is that if you are running any non-free software on your computing device, it is not really your computing device.
Because of these revelations, and others, I have long since given up my smartphone and run only 100% free software on my computer. Recently, also, the company I work for sent all of its remote employees new Chromebooks to do all of our work from. The day I received mine in the mail I completely disassembled it and removed the built in webcam and microphone. I do nothing other than work from the Chromebook. I know that everything I type and every movement of the mouse is non-private. But at least I have no fear of being audio/video recorded while in the comfort of my own home, be it from the government or Google or my own employer.
Enjoy this interview and please rethink what sort of Orwellian intrusions you’ve allowed into your life, likely for no reason other than the sake of convenience.
I really have to thank the likes of Richard Stallman and other longtime outspoken advocates of free and open source software. They sufficiently instilled the fear in me of government backdoors that allow for complete surveillance of my personal computing, including built in microphones and video cameras. I’d also like to thank Edward Snowden for vindicating them and showing the rest of the world just how vulnerable we really are.
I’ve been watching several videos from 30c3, the 30th annual Chaos Communication Conference. Let me tell you, the events and revelations of 2013 concerning government spying and the state of cryptography made for a lot of interesting talk. I’m very hopeful knowing that the hacking community at large is now fully aware of the threat matrix we’re facing and is working overtime to address it head on. The spying capabilities of the NSA and other alphabet soup agencies are no longer relegated to conspiracy theories. They are real and they are being used against us relentlessly.
Please watch this video for just a taste of 30c3, and if you like it consider watching some more talks on youtube. If there is one thing I hope you’ll take away from this speech, and others, it is that it’s time to switch to a 100% free software operating system. I choose Debian Gnu/Linux. Unlike all other non Free Software Foundation recommended distributions, it contains no binary blobs or nonfree software in any of its default repositories. There are legion of white hat hackers in the world working overtime to debug cryptographic standards, software packages, and libraries. But they cannot help you if you are running nonfree software. With that being said, enjoy the video!
As time goes on I become increasingly frustrated by email. There are simply too many downsides to traditional e-mail for me to continue its use long-term. There currently exists a superior alternative. All that’s left is for individuals to start boycotting e-mail and make the switch. Unfortunately, as we’re all heavily vested in e-mail, it’s going to take some pioneers.
If you’re a frequenter of the Bitcoin forums and chatrooms as I am you’ve likely heard of Bitmessage. It’s a new p2p distributed mail server that is completely free and open source software. I had first heard about it a few months ago but paid little attention. In the free software movement there are tons of ideas that come and go and are soon forgotten. Only after something stays around a while or a friend gets into it am I likely to give a project a closer examination. That happened last night when fellow bitcoiner and free stater Joshua Harvey announced that he had installed the software and was impressed.
After reading the Bitmessage wiki I, too, began to get excited. The software is very similar to a type of email protocol that I had found totally revolutionary in the past called i2p-Bote. The problem with i2p-Bote, however, is that it only existed on the i2p network, a very cumbersome onion network that isn’t yet accessible to non-techies. What Bitmessage has done is allow easy access to ground-breaking email software to the technophobe.
What is so revolutionary, though, about Bitmessage? It provides easy message encryption by default. It anonymizes both the sender and recipient of messages. It fights spam like no other, and because of its distributed nature it cannot be shut down. In other words the spam ridden, DDoS vulnerable, corporate data mined, NSA spyware called e-mail is eventually going to get replaced by Bitmessage. So, the next time I get a “Constitutionalist” in my face complaining about how the government is reading all of our emails, I’m going to direct them to Bitmessage and tell them to put up or shut up.
But enough from me. Here’s a nice video that will better explain what Bitmessage is. Enjoy!
Finally a well written and detailed expose on the vulnerabilities of laptop webcams! I’ve had a strong hunch for a long time that spying on laptop users is not only an easy feat, but commonplace. Of course, my biggest enemy is the state, mainly because with the amount of resources they wield, even daunting tasks can usually be overcome. But by the looks of it, spying on laptop users isn’t daunting at all.
It’s no secret that strong encryption is virtually uncrackable and there’s no denying its growing popularity. Creating encrypted volumes with TrueCrypt or Gnome Disk Utility is great for securing portable USB drives and sensitive material within a file system. But that doesn’t solve a major security problem. On most consumer computers the majority of personal information about its users’ life and habits is stored completely in the clear. Even with a login and password, when unencrypted computers or hard drives are stolen, presumably all of the data stored within it is very easily accessible through any number of means. Laptops are sweet targets for burglars. Hard drives are espionage gold to dumpster divers. Beyond that, computer systems are very frequently targeted during police and military raids of all sorts.
In the open-source movement, there is a split between those who emphasize “free as in cheap” and those who emphasize “free as in freedom.” But consumers demand freedom and privacy just as they do utility and affordability. Were that not the case, there would be no such things as drapes or pants.
Rather than getting into reasons why encrypting online communication is good practice, I’ll leave it at this: The technology is readily available and extremely easy to use.
In the past I’ve been told, and was convinced, that it is not possible to encrypt instant messaging(IM). Recently, however, I found out that it is possible and quite simple to implement. By no means am I a security expert, but I am always excited to share the learning experiences I gain from others I consider to be more knowledgeable than myself. If you have alternatives, relevant information, resources, or input on this topic, please share as well. (more…)