?

Log in

No account? Create an account
Wakum Mata!
Politcally Incorrect Musings
Security and you 
29th-Apr-2006 03:57 pm
linux
I've been thinking a lot about security ever since I took a class on on government grade network encryptors. Cool stuff that.

Every email we send, instant message we type, IRC session we enter, blog we post, and file we FTP is sent clear text. Cleartext is a cryptographic term meaning that the data in a message is unencoded, or can be clearly read or seen. How often have we created "private" posts or restricted emails instead of hitting "reply all"? Lots. Some things we just don't want others to know about. It is not that you are plotting some nefarious activity, it is just the the other parties don't have a need to know.


But since everything is sent "in the clear", then how do you know an unwanted party is not reading your missive? Email is like a postcard and everyone that has access to the network can read every word you write. The NSA and AT&T are currently embroiled in a scandal where AT&T has allowed the government to have full and unfettered access to all data (phone and internet) that it controls.

You're not doing anything illegal. Why should you care?

Because the government has no legal right to know about your Great Aunt Edna's boil, your sister's gumbo recipe, or the juicy gossip about your neighbor's nocturnal (and loud) activities.

Every time we send Cleartext data, we abdicate our constitutional rights (4th amendment). However, if you do start encrypting everything, then the government is going to be watching you thinking you have something to hide. If enough people start encrypting, there is no way they can crack every message. They will be back to searching only those people that are actually involved with something illegal than defacto suspecting everyone of something and searching all data. Yes, that is a lot of Cleartext data, but I assure you, the government has the ability to parse it all out and look for whatever keyword they want regardless if you are only sending a news article on terrorism to a friend. The keywords get hit, and you become a suspect in a non-existent crime. All this happens transparently to you. You'll never know you've been investigated. Wouldn't the government resources be better spent on tracking actual criminals rather than data mining your post on the combustible properties of cooking oil that you discovered last night?


Here is what to do - get encryption software:
Get Gaim.
Gaim is a IM chat client for Windows and Linux that handles multiple protocols (MSN, Yahoo!, IRC, AOL, Jabber, Napster, etc.) and has a plugin for security for Windows and Linux called "Off The Record" (or OTR). I use Gaim and it works flawlessly. It also has a "buddy pounce" feature that is really cool!

Get SIMP.
SIMP Lite is Secway Instant Messenger Privacy encryption software for MSN Messenger. However, at this time you will not be able to have secure conversations with those people (like me) that use non-Microsoft products to chat over MSN. I use Gaim and, sometimes, aMSN.

Get PGP.
PGP is a public key encryption software. That means that there are two keys. One key (your public one that you give to anyone) will only encrypt. Your private key (never give it to anyone) will only decrypt. Anyone will be able to send you a private message that only you can read. PGP integrates well with Outlook and other major email programs.
This page was loaded May 27th 2018, 8:06 pm GMT.