Tools which protect our privacy. Post your tools / ways you are using and opinions.

Discussion in 'Serious Discussion' started by Yen, Jul 23, 2013.

  1. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,766
    340
    I want to start this thread to introduce two different tools.
    The problem is that if one wants to do something to have more privacy one has to make an effort. To have privacy without extra effort is not granted.

    The measures which one has to apply are basically the same the secret services are doing themselves. So it has a touch of James Bond and some might come up with the idea that it is not needed and only people who have to hide something are applying such measures.
    I want to say one thing only: These people don’t get what this is all about, a basic democratic right which has been massively compromised…..






    The first one makes it possible to browse anonymously. The tool bundle is easy to install and to setup.


    The Tor browser bundle.
    https://www.torproject.org/

    More info and how onion routing works. https://en.wikipedia.org/wiki/Tor_(anonymity_network)


    I personally have the browser bundle (Tor portable browser is a modified Firefox browser) on an USB pen drive and can plug it in wherever I want to use it.
    It is also useful to use it at public terminals.

    Advantage: Easy to use, portable.
    Disadvantage: Slow due to encryption / available bandwidth
    Reminder: End node to destination is not tor encrypted. There is the original condition of the connection.


    The second tool is made to encrypt / decrypt personal messages. A personal message can be any data. The tools available are based on PGP, S/MIME.
    I have picked up one example.

    Gpg4win
    Info about and how it works: http://en.wikipedia.org/wiki/Pretty_Good_Privacy

    Gpg4win and documentation: http://www.gpg4win.org/

    Advantages: Very secure if handled properly. It cannot be cracked. Properly means the private key or secret must remain absolutely secret. It is recommendable to store it on a USB pen drive which can be removed and stored externally (not on the PC drives). Also the passphrase should be strong.

    Disadvantage: Receiver must be familiar with it and use it.

    Each user has a public / private key pair. The public key has to be made public. This key is used to encrypt messages.
    The secret key is used to decrypt the message.

    So if somebody wants to post me an encrypted message he needs to use my shared public key to encrypt it:

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v2.0.20 (MingW32)

    mQENBFHpQWkBCACcnKNKld+OpKSQ5HmoTPDPi+r1p3EDS3mI8QuvRJbkZIL9oOsz
    PLTCG2Wvwq0SSbZg7dnLExhqX6NjrlaBw5oXlHcikq7NQ+C2moY6EpMyCHWG3KYT
    c1iAGCVpui4PfzP33c79c0K5OQFnMf7ZjhQrkY/Fb4xoE9TgtQmEcA1znDxM0BNq
    5cSPigx53emxjuuf+d8g1PyR53XVK2DRtc7ztG9GCsQEmH3Ag6IbYazYEjVRGAEr
    MqhmDzRXbkuQCf2QgbhKnLQ+qZjAe7qu3wRCxFbYqd42TNm1m+MbfjMEA+/yncZO
    cp4VvDECer4IwFtcVjqyhmCYWK0KhcMQRG/NABEBAAG0Glllbi4uIDx0ZXN0bWFp
    bEBnbWFpbC5jb20+iQE5BBMBAgAjBQJR6UFpAhsPBwsJCAcDAgEGFQgCCQoLBBYC
    AwECHgECF4AACgkQzIzWH+GV502xxQf+PRNtl6sO+XAetY4SZtuRKHOy+if/7vtX
    SyVQ0Em78NmrOcjtjzl4VetXs+KsgkJLFnI+WwdX7QCk4FR5MKeK4BOz9BweDqmW
    cpHA/NDlNCS/AOi0ASER+frjMKEUggZ1UFGYHHTe6ZiKxnX1kkZgmaUXIcWQfTnQ
    W8mB0trFgNNRAZJPxSAsapiRgS7i1hrz34WRSIwPTkL1H4jrczTRm/mVULAt5+uJ
    8XGSVzueeE0F3ilBl5ozCNnU1CMIZPEboWpNZXOAhIee1zT4DZuSKEcHP+LsUpWz
    U4n3E85CI2WboHh/hDBWJGkn1BVhq1Ke8u5eQK4/y/gewAyhf0zMLQ==
    =rk7y
    -----END PGP PUBLIC KEY BLOCK-----





    Anybody who wants to receive encrypted data needs to share (make public) the own public key. Public keys can be managed with the tool.
    There are also plugins for e-mail clients which provide PGP for e-mail.


    Some final words to these two tools.

    The tor browser bundle is easy to use and doesn’t require that somebody uses it too to communicate. It allows anonymous browsing, you never use your own IP address.

    PGP related tools have to be used by both, means both have to be familiar with the method and both have to know the public key of each other’s.

    Both methods combined will grant a lot more of privacy.
    Government has started to use such methods to protect their privacy (secret data).
    They use high tech security standards. To protect the privacy of the common internet user isn’t of much interest. Companies want us to be a transparent consumer who can be spammed with new ‘offers’
    Govt wants us to be transparent, because we have to be controlled to get a safe and secure world.

    We the users have not started this.
    The times where privacy went without saying are over. We have to change our behavior.

    Feel free to play with PGP and post your key / or an encrypted message for me/you for a test. Everything starts with curiosity.

    Feel free to post your own tools / measures / opinions.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. MysTikAL3

    MysTikAL3 MDL Senior Member

    Jul 15, 2013
    387
    8,435
    10
    #2 MysTikAL3, Aug 14, 2013
    Last edited: Aug 14, 2013
    How about some user discussion/feedback on the best 'legit' VPN's at a reasonable cost...:rolleyes:

    IMHO seems to me this privacy thread should be a sticky...:spoton::worthy:
     
  3. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,766
    340
    Thanks. :)

    I wonder why there are no more replies yet. It seems the matter privacy is no major matter yet. (I guess we need to be controlled / tracked even more until the majority will react, or the policy of the US govt to downplay still works efficiently, lol)

    Concerning VPN. http://en.wikipedia.org/wiki/Virtual_private_network

    I am running on my Linux based router a VPN server. It uses IPSec XAuth PSK. IP Security with eXtra Authentication and PreSharedKey.
    This is also used on Cisco VPNs
    There are several different standards which can be used to connect to a virtual private network. Those provided by M$ windows client are not secure though. (PPTP=PointtoPointTunnelingProtocol). The windows client is not able to connect to a IPSec VPN, one needs for instance a free client like shrew soft VPN client https://www.shrew.net/download/vpn

    Android and IOS are able to handle the secure IPSec.

    With a VPN you can connect two networks through a VPN tunnel (or at east one client with a network). The advantage is that you are tunnelling through the internet using a secure tunnel and at the end you receive your own private network with all the original intra net IP addresses.

    Of course there are paid services as well which offer a VPN access to the internet. This also allows completely private and secure access to the network and / or internet.

    I for instance run my VPN server for free @home. I can connect with my Android phone through a VPN (IPSec) tunnel to the server. Then for instance when I use the original intranet IP address of my Linux Enigma 2 media server I can access it from everywhere of the world securely (either via 3G or wlan hotspot or via hotel / company wlan.)

    I also can connect to my router which provides a land-line access. So I can phone for 'free' from everywhere to any landline @my home country.
    This of course is not made for anonymous browsing the internet, since at the end of the VPN tunnel I'd use my own ISP assigned IP address when I access the internet from there...it is made to securely reach my home intranet the servers / clients there....

    How it works (example):

    Free wlan spot somewhere in the world--->VPN IPSec tunnel to my router @home. On my router the VPN server serves the landline access client. To dial there is an Android phone app made by the company who provides the Linux based router. So when I dial on my Android phone it is just like I would dial at my home's landline.
    So it is just like a national call, which is 'free' since it is included at my ISP service (free means here no extra costs)...It is a call from a hotspot somewhere through a VPN tunnel home and from there to any national landline...

    Can you do that with windows? Lol!

    Just another example that the good stuff can be done with open source, with Linux based routers where it runs a VPN server, landline access client and other stuff....
    And just another example that one needs to make an effort to inform oneself. Keywords here: VPN / Linux based OSes (any time keyword Linux, lol)

    Mainstream windows people never get the cool stuff and remain a potential 'victim' of a monopoly's politics and connections to secret services...tbh this applies to google as well. There should be another mobile OS based on Linux, time for Firefox OS!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. MysTikAL3

    MysTikAL3 MDL Senior Member

    Jul 15, 2013
    387
    8,435
    10
    #4 MysTikAL3, Aug 15, 2013
    Last edited by a moderator: Apr 20, 2017
    :g: Maybe many are reluctant to reveal their choices of privacy tools. :dunno:

    IMO StartPage is The Best Search option;

    [FONT=&amp]Startpage offers you Web search results from Google in complete privacy! [/FONT]
    [FONT=&amp]When you search with Startpage, we remove all identifying information from your query and submit it anonymously to Google ourselves. We get the results and return them to you in total privacy.[/FONT]

    [FONT=&amp]Your IP address is never recorded, your visit is not logged, and no tracking cookies are placed on your browser. When it comes to protecting your privacy, Startpage runs the tightest ship on the Internet. Our outstanding privacy policy and thoughtful engineering give you great search results in total anonymity. Here are some of our key features:[/FONT]


    • [FONT=&amp]Free proxy surfing available.[/FONT]
    • [FONT=&amp]Praised by privacy experts worldwide.[/FONT]
    • [FONT=&amp]Fourteen-year company track record.[/FONT]
    • [FONT=&amp]Third-party certified.[/FONT]
    • [FONT=&amp]No IP address recorded.[/FONT]
    • [FONT=&amp]No record is made of your searches.[/FONT]
    • [FONT=&amp]No identifying or tracking cookies used.[/FONT]
    • [FONT=&amp]Connection using powerful SSL encryption.[/FONT]
    [FONT=&amp]To learn more, check out our [/FONT][FONT=&amp]privacy page[/FONT][FONT=&amp] and read our [/FONT][FONT=&amp]privacy policy[/FONT][FONT=&amp]. We're confident you'll like what you see.[/FONT]

    :) :good3:

    Secure Your Online Privacy with Tor, HTTPS Everywhere, and DuckDuckGo



    :biggrin:
     
  5. MysTikAL3

    MysTikAL3 MDL Senior Member

    Jul 15, 2013
    387
    8,435
    10
  6. Puffingmad

    Puffingmad MDL Addicted

    Aug 19, 2012
    500
    229
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,766
    340
    #7 Yen, Aug 21, 2013
    Last edited by a moderator: Apr 20, 2017
    (OP)
    Thanks for that. Didn't know DuckDuckGo, sounds funny. :biggrin:

    Reply to the blue sentence at start:
    I am afraid that most don't care and hence there are no replies. Most think that users who use such tools have something to hide or are involved in 'illegal' actions. They say: I am anywhere legal and have nothing to hide!

    How many are still using the internet explorer with google search or Bing to feed the monopolists?
    Anything I can say to them is :doh:.....they miss the point completely. There are institutions who collect / store data which are used 'for their needs' without my agreement and I get 'criminalized' in some way, because to them I am always a potential criminal. This is no democracy.
    When Obama says we do not spy on our own people, then I laugh about. Do the 'record devices' know beforehand who is / becomes criminal???
    The politics of the NSA is to store anything to have most 'probability' to have stored communications which indicate a potential crime / assault. This is a very crude method and actually not very intelligent.
    When they are lucky and have stored such a communication then of course they publish that they know of a potential assault and later they report of a success to have prevented the crime.

    The brainwashed people agree with the success. Do they know of the thousands of thousands innocent people's recorded communications? Do they know that they probably have read / heard all their e-mails, phone calls, because they are potential criminal? They only can know it after not before. Before everybody is treated as a potential criminal.

    Who is criminal if not the govt themselves....
    There is a good slogan of a Party who cares about privacy: Nobody must know that I have got nothing to hide! :)


    To change the startpage is no effort at all. Just use https://startpage.com/eng/ best with the independent Firefox browser and you have done the first step concerning more privacy.

    And for mobile phones watch out for this: https://www.mozilla.org/en-US/firefox/os/. I hope Android will get a real competitor soon!!! An Open source OS without the primary intention to make money in a doubtful way like M$, google and Apple...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Humphrey

    Humphrey MDL Expert

    Dec 13, 2011
    1,458
    981
    60
    I have mentioned privacy in the chat box a few times, I always get balked at. Talking to you bk109.

    http://www.wired.com/opinion/2013/0...is-the-wrong-way-to-think-about-surveillance/

    I enjoy my fading privacy. I email my representatives about the privacy issues that go to the floor. The one for my state is pro NSA though was in the military so I am sure he is just a pawn. Tom Cotton, you can goto hell!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. R29k

    R29k MDL GLaDOS

    Feb 13, 2011
    4,676
    4,273
    150
    Was wondering how people know that Tor and DuckDuckGo are safe to begin with?! I think you have to assume that nothing is safe and don't have anything personal online or anything that you don't mind giving away. The first step to privacy is to not use social networking.
     
  10. alextheg

    alextheg Super Moderator
    Staff Member

    Jan 7, 2009
    1,776
    806
    60
    I think Tor / Onion Network has a good reputation . Speed is the downside for me. I agree regarding social networking though , it's just one big tracking experiment..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. pompey

    pompey MDL Novice

    Mar 20, 2013
    30
    10
    0
    i agree with you, about tor, or anything that uses a firefox clone... but i have some hope that duckduckgo.com at least keeps its promises.. not that that is any help in obtaininig privacy..
    our ip adress cannot be hidden in a practical way from the likes of nsa.. tor&co and vpm are illusions there, imo..
     
  12. pompey

    pompey MDL Novice

    Mar 20, 2013
    30
    10
    0
    i have some more uncomfortable thoughts, about this whole privacy issue, btw..
    the big boys have been pushing uefi down our throats for a long time now,
    with total succes. you can hardly buy a conventional bios machine anymore.
    while there was nothing wrong with the good old bios, 16 bits or not. it did what
    it should do, and was controllable BY THE CUSTOMER. god only knows what
    backdoors are built into uefi. i lack the competence to find out, alas..
     
  13. kly1

    kly1 MDL Novice

    May 19, 2013
    3
    0
    0
    #13 kly1, Aug 23, 2013
    Last edited: Aug 23, 2013
    Very interesting thread!

    I know tor + privoxy make a good combo.
    Do you guys use any encrypted chat program? (Bitmessage seems to do the job)

    I'm just curious...
    What about lavabit (Email service used by Snowden)

    Here's a quote from wikipedia
    Ladar Levison (owner) is under gag order and can't explain legally why he ended the service.

    would it be different if it was in the iceland (known by its strong freedom of speech law)?

     
  14. pompey

    pompey MDL Novice

    Mar 20, 2013
    30
    10
    0
    well, what can a non-paranoic person say?
    i can only give you my considered opinion, for what that is worth.
    and there are far more competent people posting in this thread..
    that said.. the eyeopener for me was that nsa and co can just
    walk into my pc using built-in hardware backdoors, provided
    by the internet estabishment.
    and there is no defence against that.
    so i am looking at alternative operating systems, older bios
    as opposed to uefi machines, etc.. i am not into so called
    social media, they only offer a total lack of privacy.
    i have got no illusions about tor.
    and very little illusions about internet privacy.
    more is the pity..
    as for encryption, why bother? it is a pain, takes
    processor time, and has got builtin backdoors too..
    as for lavabit, their integrity impressed me.
    that is pretty obvious, and by now known to
    everyone.. just my 2 centavos..
     
  15. RawData

    RawData MDL Member

    Mar 4, 2008
    223
    30
    10
    #15 RawData, Aug 25, 2013
    Last edited: Aug 25, 2013
    That only shows IMO the very base principle of MDL: "Who ever you are, the information is here for you to get."

    For me, secure exchaning small amounts of information (keys/PWs) is enough and there are always possibilities for that. after that, you can always encode even big amount of data needed to transfer. Personnally, I like the idea of using TrueCrypt containers. It's not for everyone, but it works. As breaking TC is "somewhat difficult", I've not seen any need to update my practices, even while TC was never meant to this purpose. :biggrin:

    Those not knowing TC, I suggest heading to http://www.truecrypt.org/ and checking it out. Even the front page will tell a lot of it's capabilities. For paranoids, how about encrypting your whole OS drive? :spoton:

    Oh, wait... I meant this only for responding to Yen! I now realize, mentioning TC is spot on! :biggrin:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. RawData

    RawData MDL Member

    Mar 4, 2008
    223
    30
    10
    What is this "social networking" you're talking about? Some sort of FaceBlarg or DumbBook? :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,766
    340
    I played with DriveCrypt which was similar many years ago for curiosity's sake.

    TrueCrypt is suitable to encrypt local stored data. This means you have more privacy especially when 'officials' get physical access to the device. But the advertised 'deniability' is not guaranteed. No matter which method used, data are distinguishable from 'random nothing'.

    Our privacy is mainly compromised when using online services / communication. For this use TC is not necessarily suitable since as soon as data go online it is decrypted already.
    OK, one could share an entire encrypted virtual volume but the password to decrypt needs to be communicated also...
    The same might be achieved when simply sharing an password protected zip archive.

    Generally when communicating privately (friend to friend) there are more measures to protect privacy, it can be talked about what both can use. The public / private key model is more suitable here.

    But it becomes hard when one has to use what a 'service' / shop has to offer.
    For instance when buying at Amazon you accept their privacy / security 'standards', when using Facebook you accept theirs....you cannot demand 'another'. The only thing one can do is to avoid to use their service completely.

    The issue is that 'others' store private data and 'communication behaviour' (real contents and meta data) actually data without agreement and hence are violating privacy...TC is made to protect local data (contents) additionally, but wouldn't actually help here. It is made to have 'local privacy'. A good additional protection one might to think about. Thanks.:)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. R29k

    R29k MDL GLaDOS

    Feb 13, 2011
    4,676
    4,273
    150
    #18 R29k, Sep 9, 2013
    Last edited: Sep 9, 2013
  19. nodnar

    nodnar MDL Addicted

    Oct 15, 2011
    952
    620
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  20. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,098
    10,766
    340
    You are actually right. Depends on what you expect!
    But even if tor encryption is weak (or the way from end node to destination is not tor encrypted) one does not leave back the own IP address on the destination server itself.

    Anything else can be an additional safety, but is not guaranteed.

    It is also a difference if one comes into focus of officials (crime) or if services as the NSA stores random data. At the former one needs to sit at the end node and has to capture live data, or to ask the NSA for their backup, lol.
    But to find the right data trace is not easy when not being live there when communication happens.

     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...