41 votes

Secure your communications.

I have been meaning to do this for a while. I just secured my internet connection.

I used the VPN service offered by http://www.btguard.com for $9.95 a month (actually I prepaid so got the service for cheaper).

It uses 256-bit AES encryption and tunnels through a foreign server.

There are other services you can use, some cheaper, some more expensive, but what you are looking for is a high encryption VPN connection, tunneled through a foreign server, so that you don't have to deal with proxy settings and it will just work with everything.

All you have to do is configure it, and then "connect" when you want a secure line and "disconnect" when you don't care. It basically hides your IP and encrypts ALL of your traffic.

I am not affiliated with those folks and also do not necessarily recommend them. Although, they were recommended by several sources that I like. There are many services that offer the protection. Just be careful to vet them before choosing.

I do however, recommend using something from now on. The least we can do is make life a little more difficult for the NSA, DEA, and the rest the Three Letter Tyrants (TLT).

What's interesting to note is I guarantee the -real- bad guys, were already doing something like this, or far more likely something a lot stronger. 256-bit is the top end for encryption LEGALLY speaking (not technically). They are probably doing far more heavily encrypted streams.

The point is that the monitoring was never for real bad guys, as everyone here already knows.

--------------------------

Also, always make sure to encrypt wireless communications or they can be "intercepted" from someone in range. Here are some guidelines on securing your wireless network:

http://www.dummies.com/how-to/content/wireless-security-prot...

Some good WEP(worst) guidelines: https://support.apple.com/kb/HT1344

But use WPA(better) or WPA2(best) if either of those are available.

Hard wired is best.

Also, be sure to only allow direct WiFi access to your white listed MAC addresses. This functionality is built into NetGear. (It may not be in LinkSys as well, though at one point it was not).

--------------------------

I would recommend using something like Skype across a secure network to communicate, except that we all know who owns Skype now (MicroSoft), so I am researching alternatives for secure voice communications, and will update this post when I find one.

--------------------------

Final thought. If you find this useful, or think it will be useful to others, please keep it around a while. Pure informational posts tend to die a quick death around here (not enough drama I suppose).



Trending on the Web

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

What makes anybody think that

What makes anybody think that the NSA doesn't have a backdoor in the AES encryption? In the 70's when IBM created the previous encryption system DES, the NSA forced IBM to make changes to the algorithm. It was believed and accepted by industry insiders at the time that the NSA forced IBM to install a backdoor.

In 2001 NIST set up a contest to find a new encryption algorithm to replace DES/3DES. Once the cypher was accepted, NIST forced changes to make the AES algorithm, but before it was released the NSA forced changes. What those changes were is anybody's guess; however, any encryption cypher/algorithm/program which isn't approved by the NSA is illegal. I wonder why the NSA would get the final say?

Encryption may hide your communications from the general public and such, but if the government is monitoring you, then there isn't a legal encryption program on the market trustworthy.

Let us not forget that The Onion Router (TOR) was created by the US Navy. The external part of the program which is the interface that everybody calls TOR, is not actually TOR. TOR is a process which the US Navy created to hide their communications. If one thinks that the US Navy -or possibly other US Agencies- can't easily monitor what goes on via TOR, I would suggest that the individual should think a little more on the subject.

wolfe's picture

You cannot put a "backdoor" in modern implementations...

Here is why. AES is an algorithm description, not it's implementation. A backdoor would be installed in the implementation, not in it's description.

The algorithm implementation must be in 100% alignment with other implementations for it to function properly (meaning no back doors). Now, if the implementations were close with single proprietary providers, you could be correct. But they aren't. The implementations as well as the descriptions are open source and freely reviewable by the public including all those evil/good hackers.

If there were a backdoor, it would be found, quickly, and made very public.

Also, don't like AES, use something else.

The NSA/USG would rather you believe that they are all knowing to keep you from doing anything to protect yourself.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

You can get all of that for

You can get all of that for free with TOR but personally I don't think it is remotely worth it to bounce every single hit off a proxy. It will take you from 50mb per second to 1 if that.

This serms like a false sense of security to me, paying extra to not be tracked when in all reality if you're on the grid at all they can track you through any number of means.

wolfe's picture

This isn't a proxy system...

And does a lot more than that. Using something based on OpenVPN does provide significant security (if not 100% perfect). You can find some of the data on it below.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

Other suggestions

http://www.neomailbox.com/

http://www.swissmail.org/Swissmail/home/home.asp

https://www.blackvpn.com/

We all want progress, but if you're on the wrong road, progress means doing an about-turn and walking back to the right road; in that case, the man who turns back soonest is the most progressive.

-C. S. Lewis

Cyril's picture

One can also reasonably expect more initiatives based on SSSA

Still mostly a guess, but one can also reasonably expect more initiatives based on SSSA, btw:

http://www.dailypaul.com/295513/it-is-time-time-to-get-onese...

"Cyril" pronounced "see real". I code stuff.

http://Laissez-Faire.Me/Liberty

"To study and not think is a waste. To think and not study is dangerous." -- Confucius

meekandmild's picture

I'm trying Hushmail

until start mail is up

Government surveillance programs

In some countries, government sponsored projects have been set up to collect massive amounts of data from the Internet, including emails, and store them away for future analysis. This data collection is done without any search warrant, court order, or subpoena. Hushmail uses HTTPS to help protect your email from that kind of broad government surveillance.
http://www.hushmail.com/about/technology/security/

Peaceful Revolution

This is just a small part of a peaceful - we hope - revolution and restoration of our Constitutional Republic. The more individuals do such things, the more the government will react. And as is usually the case, they will overreact. When they overreact - which all tyrants do - it will chip away at their legitimacy.

______
"When the people fear their government, there is tyranny; when the government fears the people, there is liberty."

THANKS

Thanks for the info. I'm definitely interested. I try and use the Tor onion browser as much as possible, and I'm not too happy about the fact that the establishment arrested the Tormail owner in Ireland. No more Tor mail

______
"When the people fear their government, there is tyranny; when the government fears the people, there is liberty."

crietmann's picture

Encryption is civil disobedience, as is using open source.

There are some great points made here - such as the NSA (if they really wanted to) could crack any encryption used by us and that if you're using Microsoft/Google/etc. software it probably (certainly) has a back door specifically designed for the NSA.

But...it take processing power.

While we know they are building out storage (and one would assume processing power) by using encryption you are asking them to take scarce resources from task A (whether it's actual terrorist traffic or getting dirt on some congressman to sway their vote) they have to dedicate it to task B - decoding this post on the DP.

If it's just me, maybe they'll decide that they can dedicate some time to it. But what if it's hundreds of Americans? Thousands? Millions?

The task becomes that much more difficult.

I attempt to use open source solutions wherever I can. With many, many eyes on code it becomes that much more difficult for that NSA backdoor to not be identified. That's the point of prism-break.org - to get every day people in the habit of using good Internet security. If everyone does it, the NSA has a much tougher job ahead of them in violating our rights. That to me is civil disobedience in a sense, and that to me is where our freedom lies.

Give up Chrome, give up IE. Look to Firefox and alternatives, encrypt every single thing you can and let them try to deal with this huge increase in encrypted data, not the literally open-text they've been used to.

That's the game changer.

Please "Like" Prismstop.com on Facebook - http://www.facebook.com/Prismstop

Or visit us at http://www.prismstop.com to protect your whole home and mobile devices from identity thieves, hackers, government officials and other criminals.

@Prismstop on

The government couldn't give

The government couldn't give less of a shit whether you use open source. Chrome is open source and so are the vast majority of half-decent applications these days.

crietmann's picture

Chrome is not open source.

Though Google has done a lot to maintain that belief. The Chromium project is open source, which is what Chrome is built on - but it's still built by Google. I'd look for packages that have some 3rd party security reviews - that's pretty common.

Please "Like" Prismstop.com on Facebook - http://www.facebook.com/Prismstop

Or visit us at http://www.prismstop.com to protect your whole home and mobile devices from identity thieves, hackers, government officials and other criminals.

@Prismstop on

That is pretty standard.

You are technically correct but being misleading. That is absolutely normal for browsers, and to my knowledge every single browser that has ever garnered more than 1% usage has done it exactly the same way. The parts that are not open source are the parts that would show exactly how to send whatever you wanted through the browser. If what you want is a 100% open source browser I wouldn't even consider using it, it would be insecure.

wolfe's picture

that's not true.

Not even close to it. Really, do you just enjoy making things up and calling them facts? Him, misleading? No. You, outright deceptive/wrong? Yes.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

How do you know?

How do you know it's not true? It is. I'm the only one qualified to make that statement as absolute fact, since it included "to my knowledge". If you know of one that did not follow this pattern, feel free to share it.

Internet Explorer, Chrome, Firefox, and Safari however all work this way.

Perhaps there is a way to further secure the browser despite it being open source, but I would wait quite a bit before I would trust such a browser.

Is there a particular reason you go around these boards, looking for my comments, and picking a fucking fight with me? Everything doesn't have to be a godsdamn duel to the death. It's a fucking discussion, cool your shit. Even if I was completely and utterly wrong there is no need for your pissing contest mentality. There's no fucking point to going back and forth saying "I'm right, no you're wrong". I provided some reasoning and logic to back my point, and didn't say it in a snobby and rude way, the least you could do is the same.

wolfe's picture

That is simply NOT true.

Just because you include "to your knowledge" does not give you the right to make shit up and call it fact.

Firefox, Safari are open source, there is no part of it that isn't. IE, Chrome are not open source.

Furthermore, there are no "hidden" parts that aren't open source. Security does not depend on secrecy.

"Is there a particular reason you go around these boards, looking for my comments, and picking a fucking fight with me?"

You start this by claiming someone telling the truth was "misleading", and then proceed to spout things you absolutely make up and expect to not get called out on it? You basically want the right to go around pissing on everyone else without having someone piss back? Not gonna happen.

You want to be treated with respect? Fact check your statements before stating that other people are wrong. As far as the disagreements between myself and you that tend to repeat themselves, it's because you apparently enjoy saying bullshit and calling it fact.

And lastly, you commented in my thread, not the other way around. And that was not the first time that you just made crap up in this thread. And I did not get "snotty" with you, I simply called you out on absolutely making crap up.

My comment would have been kinder to you had you not said that someone telling the absolute truth was being "misleading", when in fact you were the one just absolutely wrong.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

wolfe's picture

Yes, that is definately a part of it... :)

"AES permits the use of 256-bit keys. Breaking a symmetric 256-bit key by brute force requires 2128 times more computational power than a 128-bit key. 50 supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space."

https://en.wikipedia.org/wiki/Brute-force_attack#Theoretical...

And if you layer(SSL over AES VPN for example) your encryption, then completing that process just means that they get to start again with the next layer of encryption.

I'll chew up a lot of processing power making them decrypt the latest spam I have received or my online gaming session... lol.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

bump

to read later - thanks!

Jackson County Georgia

War is an instrument entirely inefficient toward redressing wrong; and multiplies, instead of indemnifying losses.
Thomas Jefferson

I would just as soon not live in fear.

At the end of the day, the NSA doesn't need any of my communications to kidnap me, threaten my life or my family, or even just plane kill me. I am not scared of them playing tricks on me or stealing my money(the state has a different arm to do that). I dont have anything to hide from anyone. I do not engage in any criminal activity at all, never mind anything that would actually be prosecutable under common law.

This state has already enslaved me and ruined any chance I may have had for security. They have stolen my ability to save for my future and protect myself. The only thing they can do now is bully me. Having my communications doesn't enable them in any way that they haven't been enabled in already.

The only way we can stop them is politically. If you want to be secure in your person, forget encrypting your emails. That just gives them power and authority. Instead, try and wake up your neighbor, and take some of it back.

Thomas Jefferson's statement about the consent of the governed isn't a natural right, its a natural law. The truth is right now "We the people" consent to the way we are being enslaved. The dishonest way that it has been imposed on us is inconsequential to this fact.

The only way we are going to get our freedom back is if we take it back by waking up to the madness and actually choosing those representatives that will refuse to let us be controlled. Hiding will not protect me.

Séamusín

This is part of the

This is part of the revolution. All successful insurgencies force the oppressor to overreact. What that does is reduce the tyrants legitimacy in the eyes of the masses. It's a small cut, but over time small cuts can lead to infection. When the serfs/slaves see this overreaction they are more affable in voting for a liberty minded candidate.

______
"When the people fear their government, there is tyranny; when the government fears the people, there is liberty."

bumping

to save for myself

Those who expect to reap the blessings of freedom must. like men, undergo the fatigue of supporting it.-Thomas Paine

The R3volution requires action, not observation!!!!

As long as the NSA and your isp are in bed - you are screwed

it is that simple people.

You MUST contract with and ISP(that would be the person you pay for internet service) - so your traffic WILL flow over a large corporate router at some point - actually at least two points - once on the way out and once on the way back in to your home. It MUST go through the ISP's router that connects you to the web. Here is where the dirty fingers of the NSA can get whatever they want.

Let's demonstrate.

I am posting this on the dp. When I hit save - it is going to post this message. It is going to break this big rant up into many little packets. Those packets are going to go from my computer - through my personal router - then to my ISP's router. From there it will take many paths to the DP server. But understand - it ALL will start at one router - the ISP's - it HAS to start there - that is the onramp to the highway.

This is where the NSA can easily grab the traffic. And if your ISP is in on it(which by all accounts it probably is) then the NSA merely mirrors all traffic from your ISP's router over to their servers to store the data.

The encryption will prevent Joe 25yo geek at your isp from reading your email, but I don't hold much hope it will stop the NSA. And as for hiding your ip address - well - you cant hide that FROM the isp you are getting the ip address from - so that's not much help either if the ISP just hands it over - which is exactly what they are doing.

If you are worried about joe nobody or local punk reading your stuff - go ahead and get encryption over a vpn. If you are worried about the NSA - stop using the internet(well, except to post of the dailypaul of course).

wolfe's picture

This is simply an incorrect understanding of the technology.

In fact, this technology is used to defeat ISP investigations as well as others. My ISP shows up as a random place in Canada, Asia, or Europe.

Encryption is not guaranteed. It means that it will take them several weeks to read my emails instead of instantly. If everyone does this, it makes the effort an insurmountable task for them. Further, they have no way of tracking back to my IP or ISP without going through those records in those foreign countries, possible, but once again, very difficult for them.

If you layer your encryption. For instance, SSL over VPN, it makes it that much more difficult.

Yes, these people can crack our encryption. Can they crack it quickly? No. As quickly as non cracking it all? Absolutely not. Can they crack everyone's encryption at once? Absolutely not.

Computer resources are finite.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

Wolfe- I will respectfully disagree

If I have access to the router you are using to connect to the www(which is your isp's router) - I can capture every packet in and out of your home - and I will know exactly what mac address those packets are originating from.

Routers are not some strange mystical crystals - they simply read headers and pass packets. At some point that packet HAS to know where you are and it HAS to pass through your isp's router to get back to you. And that router HAS to know the mac address of the router in YOUR home.

wolfe's picture

All encryption between me and my real ISP...

Is encrypted, without any distinguishing characteristics. So, yes, packets are going back and forth, the content is unreadable.

It doesn't become unencrypted until it reaches the foreign server, at which point an IP address at that location is used as the origination.

Therefore, my real ISP doesn't have any ability to determine what I am doing.

I could go into more detail, but your argument amounts to, "because someone can pick a lock, I won't bother to lock my door"

In security, it is commonly stated that "you cannot stop a clear and determined threat, but you can make the effort not worth the benefit".

Could they jump through the hoops to trace back content. Yes, but not quickly, not all of us, and not easily.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

I agree your isp probably doesnt have the ability

but as gh points out below - cracking your encryption at home is hard - not when you have serious processing power though like the nsa - and THAT is assuming they don't already have the key. I mean really - if I am the NSA it would be more fun to steal stuff than to crack it.

People also forget - its not like some geek is looking at your individual packets and trying to recreate them - this is all done with enormous processing power and very sophisticated data mining tools.

And to your point:
I could go into more detail, but your argument amounts to, "because someone can pick a lock, I won't bother to lock my door"

Actually - the argument is - the door has a glass pane right next to the lock - so what good does the lock do - sure it makes you feel better and in the dead of night - the breaking glass will give you a few seconds drop on someone - but then I argue the lock is not what makes you safe - the warning is - so forget the lock and the glass and install a motion sensor camera(or better yet - a dog - any dog that barks). Don't put false hopes in security that really isn't. I do lock my doors at night - but only because my family is silly enough to think it will help - so they sleep better.

wolfe's picture

Let's look at some facts, instead of assuming the NSA is --

all knowing.

First, computing power is finite. The more work we require of them to learn our grandmother's recipe, the less resources they have available to learn our grandfather's favorite dirty joke.

"AES permits the use of 256-bit keys. Breaking a symmetric 256-bit key by brute force requires 2128 times more computational power than a 128-bit key. 50 supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×1051 years to exhaust the 256-bit key space."

https://en.wikipedia.org/wiki/Brute-force_attack#Theoretical...

Now, couple that with layered encryption (i.e. SSL over AES initiated from StartPage.com)... And what do you have? Security.

In other words. Your conclusions are simply wrong. But I am glad you brought up the subject.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

I might add though wolfe,

I might add though wolfe, that while encryption does help secure the transmission of data over the internet, the data has to be decrypted again on your home computer. And with the revelation of the NSA leaks that major software companies, including Microsoft are involved with PRISM, I'm not completely convinced that our operating systems do not have a backdoor in place that could simply catch the data and relay it back at any point in time once decrypted.

And as you pointed out, it is very difficult to crack 256-bit encryption on your average PC. However, what the government has available and what the average consumer has is completely different. Dozens of processors working in parallel could crack 256-bit encryption in almost real time.

wolfe's picture

Valid point about Microsoft.

And it is of course a concern.

Check that statistics on attacking encryption I posted however for an answer to your other questions.

The Philosophy Of Liberty -
http://www.thephilosophyofliberty.com/

I don't get the point.

I don't get the point.

Please come join my forum if you're not a trendy and agree with my points of view.