So, perhaps we’re not living in the totalitarian police-state nightmare George Orwell predicted for 1984 over half a century ago. There are no constantly-monitoring television consoles, no Ministries of Peace, Love and Truth, and no perpetual war between Oceania, Eurasia and Eastasia. Yet, with the dawn of the Internet, our obsession with surveillance and the “only-criminals-are-afraid-of-cameras” mentality taken by the western world following the September 11 terrorist attacks, society faces threats to privacy not even Orwell could envision. Even without subscribing to Slashdot-esque paranoia and covering everything in sight with tinfoil, it’s still a good idea to give as little information as possible to people such as internet advertisers and information thieves. Luckily, a host of new technologies designed to improve privacy and combat the ever-encroaching hands of government have become popular in recent years. Protecting personal information and correspondence with industrial-strength cryptography is now easy, thanks to a bunch of high-quality open-source tools.
Step 1: Email encryption
In our last installment, this column advocated switching from a mail client like Outlook Express to a more stable, open-source one like Thunderbird (mozilla.org/thunderbird). Enigmail is a plug-in for that very client which integrates the extremely powerful Gnu Privacy Guard (GPG) program with an easy-to-use interface, meaning messages, once encrypted, are only readable by their intended recipient. This allows fast and secure encryption of email with seamless integration into Thunderbird, allowing users who’ve never seen a command-line to use one of the most effective encryption solutions on the planet.
Enigmail
enigmail.mozdev.org
Step 2: Anonymous browsing
One major issue with using wireless internet is its vulnerability to packet-sniffing. Despite what you may think, packet-sniffing is the act of monitoring network traffic for useful information, whether the information is that of the person doing the sniffing or a complete stranger. On insecure networks,
everything from FTP passwords to MSN conversations can be sniffed. One countermeasure is to use a technology called
VPN Tunnelling, where one computer connects to another, creating an encrypted “tunnel” for internet traffic. This means sniffers only get a stream of gibberish. iPig is a super-easy implementation of this for Windows, involving no more configuration than creating an account and downloading the client. Those super-paranoid types in the crowd can even download a personal version of the server to be installed on a secure computer somewhere, allowing transparent, secure surfing anywhere. Mac users can use Tunnelblick, though they’re stuck finding their own server to tunnel through.
iPig
iopus.com/ipig
Tunnelblick
tunnelblick.net
Step 3: Disk encryption
Of course, none of this will make a whit of difference if the system itself is insecure and physically stolen. Yep, it’s that old “the only secure computer is buried in concrete” maxim again; physical security is key. Unfortunately, most people don’t have the financial resources to hire mercenaries to guard their precious data, so Plan B is to make the data unusable if the drive is intercepted. There are two routes to doing this, one being to encrypt the entire hard drive, the other being to create encrypted virtual partitions. That sounds scary, but really it’s not. Apple OS Xhas a feature called “FileVault” that allows on-the-fly encryption of home folders, meaning it happens automatically. Plus there’s always a master password to prevent unintentional data loss. To enable this, go to System Preferences, Security, and click “Turn on File Vault.” Windows XP Professional users have a similar feature built into the operating system, just right-click a file or folder, go to Properties, click the “Advanced” button and then check the “Encrypt contents to secure data” check box. It won’t do anything against the NSA or Illuminati, but at least one can rest easy knowing yesterday’s steamy chat-logs are protected from curious roommates and siblings alike.
Step 4: Nervous twitch
Finally, for the truly paranoid, tinfoil hat-wearing Slashdot nerds, there’s Tinfoil Hat Linux, a bootable Linux distribution that fits on a single floppy disk and is designed to thwart everything from keyloggers to the US government’s TEMPEST program. Those less nerdy but equally paranoid can just make a tinfoil hat to guard against alien mind-reading technology. The truth is out there.
Tinfoil Hat Linux
tinfoilhat.shmoo.com
Tinfoil Hat, uh, directions
zapatopi.net/afdb/build.html