Encryption

Phones, Internet, Computers and such.
User avatar
ali baba
Expatriate
Posts: 941
Joined: Fri May 16, 2014 3:27 am
Reputation: 166

Encryption

Post by ali baba »

I've been playing around with Bitlocker on my computer and I'm interested in using proper encryption since I'm 99.99% confident windows built a backdoor into this, along with the entire OS.

What encryption would you recommend?
I liked how I couldn't view encrypted files from profile A in profile B but I could transfer the files onto an external drive at the touch of a button, which was too easy. I'd prefer password protection or absolute inability to copy or transfer the files.
Scarier than malaria.
OrangeDragon
Site Admin
Posts: 4193
Joined: Fri May 02, 2014 8:05 pm
Reputation: 17
United States of America

Re: Encryption

Post by OrangeDragon »

I would suggest that you're not interesting enough to warrant them hacking your files. ;-)
User avatar
ali baba
Expatriate
Posts: 941
Joined: Fri May 16, 2014 3:27 am
Reputation: 166

Re: Encryption

Post by ali baba »

Haven't you heard OD? Anyone who uses encryption is an 'extremist' in the eyes of the NSA.
Scarier than malaria.
walkjivefly
Expatriate
Posts: 319
Joined: Wed May 21, 2014 10:22 am
Reputation: 19
Location: Phnom Penh
Great Britain

Re: Encryption

Post by walkjivefly »

How much security do you really need, or who are you trying to stop prying? Apart from the boot partition the whole of my netbook hard drive is a linux encrypted filesystem. Ditto for my external backup drives. It's been a while since I set them up but I think they're using 256 bit blowfish or twofish or whatever the algorithm is. I could go review the source code myself but I'm happy to rely on my more competent peers to have done that . Probably GCHQ and NSA could brute force their way in in time but I'm sure they've got quicker ways of getting the keys from me. But for the more likely scenario of some tealeaf nicking my hardware I think my confidential data on those dives is secure enough. I've yet to meet anyone who routinely encrypts their outbound emails, doing so is just overkill for most people most of the time. Sure, I understand the principle of wanting to stop governments and corporations from spying on my email but it's inconvenient for the recipient and just too much effort. Shopping lists, holiday plans etc., have at them! There is more than a grain of truth in the argument that if you have nothing to hide you don't need fancy ways to hide it.
User avatar
StroppyChops
The Missionary Man
Posts: 10598
Joined: Tue May 06, 2014 11:24 am
Reputation: 1032
Australia

Re: Encryption

Post by StroppyChops »

Good summary, WJF.
Bodge: This ain't Kansas, and the neighbours ate Toto!
clippy
Expatriate
Posts: 197
Joined: Thu Jun 05, 2014 1:12 pm
Reputation: 1

Re: Encryption

Post by clippy »

https://owncloud.org/

its like dropbox/googledrive etc. but you use your own server. it lets you use server side encryption

i'm not an security expert though.
User avatar
StroppyChops
The Missionary Man
Posts: 10598
Joined: Tue May 06, 2014 11:24 am
Reputation: 1032
Australia

Re: Encryption

Post by StroppyChops »

We use OwnCloud on our personal domain, easy to manage and use.
Bodge: This ain't Kansas, and the neighbours ate Toto!
User avatar
phuketrichard
Expatriate
Posts: 16792
Joined: Wed May 14, 2014 5:17 pm
Reputation: 5734
Location: Atlantis
Aruba

Re: Encryption

Post by phuketrichard »

cloud storage is the worst for personal info;

Read thru here

http://silkroaddrugs.org/silkroad-drugs ... tep-guide/

ok its for silk road but the encryption info is top notch;

I suggest you go on to silk roads forum than, u will get the best info on how to, where to, what to and when to.

Extra Precautions for anonymity :bow:

Weather you know it or not you need to make your self as anonymous as you can these days. Even if you are not visiting sites like the Silk Road there are corporations, governments, network administrators, and hackers trying to watch every move you make online. Don’t make their job easy and let them have acces to everything. Here are some tips to stay anonymous.

Use a good VPN Service at all times while on the net.
If you are not sure about a site that is requesting an email then get an anonymous email. You can get one from Hide My Ass or send anonymous emails from http://send-email.org/
Install and use a PGP (Pretty Good Privacy) program such as GPA to encrypt all of your messages that you don’t want anyone else to be able to read. Emails and messages can easliy be intercepted and read on many platforms so if you want to keep them between you and the recipient then you must use one. There is a great guide I found on how to use it, just click here.
For email addresses, logins, passwords, nicknames etc DONT EVER use real name, birth dates, locations, ages etc. Use something that is as random as can be. A great way to be very random in this is use parts of music lyrics and random numbers.
Cover your webcam.
Turn the mic off on your PC. (even better if you don’t have any). If on a desktop PC the unplug the Mic if you have one.
You really need to think about getting some of the best PC scrubbing software available. Every time you view a webpage, look at a photo, read an email it is all recoverable from your computer even after you delete it and empty the recycle and even format the hard drive. Do you want someone else knowing every move you have been making online? Just think if your computer got stolen, if you lost it, if you gave it away or even if you threw it out then someone that knows how to can just recover the files and look at all of your details, photos, credit card details, personal info and use it to their advantage. There are a few programs out there that can permanently delete files and clean your computer on a regular basis but i use one that is the only one good enough for the CIA to use. If you want to check it out then you can here.
If disposing of your PC and you don’t have a good scrubbing software tool then i would take the hard drive out and set it on fire or destroy it somehow.
Make sure you are using the best security possible on your home wifi network with a long password, also hide the network from others. By doing this it will not appear on the available wifi connections, you need to manually type in the network name to find it.
If you not doing anything illegal then you have a lot less to worry about so you should always adhere to the law, this doesn’t mean that you should not take these precautions though as internet fraud, identity theft and cyber crime are at levels never seen before and increasing.
In a nation run by swine, all pigs are upward-mobile and the rest of us are fucked until we can put our acts together: not necessarily to win, but mainly to keep from losing completely. HST
User avatar
StroppyChops
The Missionary Man
Posts: 10598
Joined: Tue May 06, 2014 11:24 am
Reputation: 1032
Australia

Re: Encryption

Post by StroppyChops »

phuketrichard wrote:cloud storage is the worst for personal info; Read thru here http://silkroaddrugs.org/silkroad-drugs ... tep-guide/ ok its for silk road but the encryption info is top notch; I suggest you go on to silk roads forum than, u will get the best info on how to, where to, what to and when to.
I gotta agree with WJF:
walkjivefly wrote:How much security do you really need, or who are you trying to stop prying?
If you have a serious need to 'go dark' on the Internet because you're up to illegal sh!t then sure, head over to Silk Road. Do some research on the link between Silk Road and the missing millions in BitCoin while you're at it, and then ask yourself if you truly trust even SR to keep you dark.

Personally I don't have data or activity that is that interesting to anyone else, government departments and Google included. I rack with inMotionHosting and find that's enough server security for me, obviously locking down my apps and services to a reasonable degree and tunneling as needed (which, incidentally, is 'not' in this country).

A couple of folk who know me in person know I'm an ex con - I was a cybercrim, and I was pretty good at it (queue the comments about "obviously not good enough to not get caught", etc, very funny, hyuck hyuck!) and I can tell you that unless you've come to attention and got yourself on a watchlist, the watchdogs are more interested in patterns and heuristics than individual posts, transactions, etc. They are truly not interested in your small drug dealings on SR, unless you are a reseller.

For example, downloading or storing a copy of the Devil's Cookbook might be simply noted, but until you plan to meet with four other people who have also downloaded it (let's say), it's simply not that interesting. Case in point is the capture of the group of Muslim (now, now, I can say that without certain of you screaming "Islamophobe!") 'chemists' inside a water catchment area in the States after midnight recently - I would put money on that arrest coming about as a result of patterns and correlations identified in Internet/mobile phone traffic. Note that FOI requests are stonewalled on that case - there's the real watchdogs in action.

Sorry, soapboxing.
Bodge: This ain't Kansas, and the neighbours ate Toto!
walkjivefly
Expatriate
Posts: 319
Joined: Wed May 21, 2014 10:22 am
Reputation: 19
Location: Phnom Penh
Great Britain

Re: Encryption

Post by walkjivefly »

phuketrichard wrote:cloud storage is the worst for personal info;
Yes, the interface between my devices and the cloud is where I have the most concern. Thanks to clippy and StroppyChops for the owncloud reference. I'll look into that. So far my approach has simply been to not put anything sensitive in the cloud, despite the advantages of doing so.

It's interesting to note the vastly different costs of commercial cloud storage - Dropbox is $9.99 a month for 100Gb, Google is only $1.99 a month for 100Gb. I trust Dropbox more than Google but Google is hard to beat for convenience and integration.
Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 172 guests