[Freedombox-discuss] #NSA #prism "safe" communication ?

Sandy Harris sandyinchina at gmail.com
Wed Jul 3 15:30:41 UTC 2013

macbroadcast <marc at let.de> wrote:

> http://www.washingtonpost.com/wp-srv/special/politics/prism-collection-documents/?hpid=z1
> i am asking the list, are there any "well know" practices to prevent spying

Actually, there are quite a few, but there are some caveats or
limitations that apply to all of them.

First off "well-known" definitely does not mean "secure"; this stuff
is hard and there are some heavily marketed products that get it
wrong. Second, no system can be secure if the underlying computer is
not; if you download a trojan horse program that takes control of your
computer, you're toasted. Any security software you run on that
machine can fairly easily be subverted. Third, system admins have
access. If you have unecrypted email or on a server somewhere or posts
in some allegedly private online forum, the administrators of those
systems can see them. That may be fine unless you have a dishonest
admin or a government that leans on the hosting company, but it is
certainly not secure against those threats. Fourth, it is almost
impossible to protect against traffic analysis
(http://en.citizendium.org/wiki/Traffic_analysis) if the enemy has
lots of resources and is moderately smart and/or determined. Even if
all your email and IM chats are encrypted so the attacker cannot read
them, he can still tell who you are talking to. Finally, encrypting
your data may draw attention; the revealed NSA documents show that
they save /everything/ they see that is encrypted, just in case they
can break it later.

Some of those are reasons for the Freedom Box. For the first, we are
trying to use only well-understood & well-tested components. Second, a
simple do-a-few-things-well server is easier to keep secure than a
desktop box or a busy commercial server. Third, you become your own
sys admin & we are trying to make that more-or-less foolproof (which
may be the hardest part of the Box project). As far as I know, we
cannot offer a defense against the last two.

Things you can use today that look trustworthy to me:

HTTPS Everywhere: a browser extension that automatically encrypts all
web connections to servers that support https. It falls back to plain
unencrypted http if the server does not do https, so it does not offer
complete protection, but it is far better than nothing and easy to
install in at least Firefox & Chrome
This could be subverted by someone like a major government or large
company who is in a position to manipulate the certificates it uses to
establish trust. I am not up-to-date on details. Google
"man-in-the-middle" plus one or more of "TLS" "SSL" "https" or "X.509"
to find them.

TOR, the onion router: anonymity provided by routing packets through a
series of nodes. This gives better anonymous browsing than HTTPS
everywhere -- safer, and more general since it works even for sites
that do not do https -- but setup is not as straightforward and it may
slow connections down. This is the only thing I mention here that
offers some defense against traffic analysis. I do not actually know
how complete or reliable that is, but I would guess pretty good.

PGP: end-to-end email encryption. This blocks snoopy mail server
admins; it is encrypted on the sender's machine and decrypted on the
recipient's so no-one in between can read it. There is a free version,
GNU GPG, included in more-or-less all free operating systems (Linux or
various BSD derivatives). I do not know if that exists for Windows or
Mac; my guess would be yes. There is also a commercial version
A few years back, I saw several people claiming that it had a far
better user interface than GPG, but that may have changed (or may not
have been true in the first place).

OTR, off-the-record (encrypted) Internet chat:

Who put a stop payment on my reality check?

More information about the Freedombox-discuss mailing list