Privacy Tools
With CISPA on the rise, as well as other surveillance conducted by governments and big business, many people feel the need to find more security in their online experience. This page is dedicated to bringing you the best privacy tools on the internet, to protect your personal information and safeguard your data against snoopers and spooks.Crypto -
Do you have important trade secrets that you would like to protect? How about personal information such as passwords, financial/tax info or even those risque photos of your wife she surprisingly let you take when she had one to many glasses of wine. The solution? CRYPTO.
In Short, cryptographic programs allow you to store information within the program using extremely complex algorithms to password protect any file you store within the program. Sometimes, it is good to use multiple encryption programs on sensitive data such as trade secrets for business and personal information. For example: create a Truecrypt partition, then encrypt THAT partition using Kremlin - Some great crypto programs I use are:
1) Truecrypt - Download it Here
Safeguard your data against snoopers and/or adversaries. You create a partition, which is basically a locked folder for storing files that you can protect with a password. You can even add an image to the unlocking process for extra security measures. So a would be snoop would need to enter the password AND attach the correct picture in order to unlock your partition. You can also create a hidden partition within a partition, so an adversary forcing you to open your Truecrypt file can be duped as you open the "false" partition, which you will fill with non random files you don't care if people see.
Main features:
- Creates a virtual encrypted disk within a file and mounts
it as a real disk.
- Encrypts an entire partition or storage device such as USB flash drive or hard drive.
- Encrypts a partition or drive where Windows is installed (pre-boot authentication).
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
- Encryption can be hardware-accelerated
on modern processors.
- Provides plausible deniability, in case an adversary
forces you to reveal the password:
Hidden volume (steganography) and hidden operating system.More information about the features of TrueCrypt may be found in the documentation.
Algorithm | Designer(s) | Key Size (Bits) |
Block Size (Bits) | Mode of Operation |
---|---|---|---|---|
AES | J. Daemen, V. Rijmen | 256 | 128 | XTS |
Serpent | R. Anderson, E. Biham, L. Knudsen | 256 | 128 | XTS |
Twofish | B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, N. Ferguson |
256 | 128 | XTS |
AES-Twofish | 256; 256 | 128 | XTS | |
AES-Twofish-Serpent | 256; 256; 256 | 128 | XTS | |
Serpent-AES | 256; 256 | 128 | XTS | |
Serpent-Twofish-AES | 256; 256; 256 | 128 | XTS | |
Twofish-Serpent |
Kremlin Encrypt - Download it Here
In its most secure setting, Kremlin uses 160 bits of encryption key. It means that if one billion computers were each searching one trillion keys per second, it would take over 1019 years to recover a file encrypted with Kremlin. That's 10,000,000,000,000,000,000 years, much more than the life of the universe! Kremlin is so secure that the U.S. Government considers it a munition! To snoops, Kremlin is a deadly weapon.
- When you log off, Kremlin clears sensitive areas of your hard disk and wipes all records of your activities.
- Kremlin automates the process of securing your computer by scheduling
itself to secure portions of your hard disk and all used memory
when you log off your computer or your computer becomes idle.
- Kremlin can automatically encrypt files and directories when
you log off your computer and decrypt them when you log back on,
providing a transparent way to protect your files from nosy intruders.
- Kremlin provides a full-featured and secure text editor that
automatically encrypts your documents. You can e-mail a secret
memo to a co-worker from within Kremlin Text.
- You can securely remove files from your computer by dragging them to the Kremlin Secure Recycle Bin (Windows) ot Kremlin Secure Delete (Mac OS).
- Kremlin is cross-platform. You can encrypt your information on the PC and decrypt and use it on the Mac and vice versa.
If you are interested in more information on cryptography then I suggest heading over to this Cryptology Research website.
A great book on the history of cryptography is "Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age" by Author Steven Levy. The Book is extremely insightful and gives you an in depths analysis on the rise of crypto as well as some key players in the movement.
Developed by Phil Zimmerman was one of the first cryptographic programs widely available for download in the internets infancy stage. Originally PGP used the RSA algorithm, which he did not obtain the proper license for. Phil Zimmerman distributed PGP through a thirDjigzod party as to not get caught up in the crypto exportation laws of the early internet. Government agencies such as the NSA were strict on crypto exportation and required key lengths to be shorter than American releases, allowing them to snoop on international adversaries in the name of national security. After many battles with the government and their exportation laws, as well as the RSAgroup, PGP gave birth to a plethora of pro-crypto movements
and programs.
GNU Privacy Guard - GNUpg -
GnuPG is the GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME.
Email Encryption -
Open PGP
OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann. The OpenPGP protocol defines standard formats for encrypted messages, signatures, and certificates for exchanging public keys.
Djigzo
Most email is sent as plain text. This means that anyone who can intercept email messages, either in transit or at rest, can read the content. Today, companies and governments realize that this is unacceptable. Email needs to be confidential, email needs to be encrypted.
DJIGZO offers open source products that help to automatically secure email and protect against unauthorized access of email in transit and at rest.
DJIGZO Email Encryption Gateway is a standards based centrally managed email server (MTA) that encrypts and decrypts your incoming and outgoing email at the gateway level. DJIGZO Email Encryption Gateway is compatible with any existing email infrastructure like Microsoft Exchange and Lotus Notes and has support for S/MIME and PDF encryption.
Data Leak Prevention (DLP) is a module that can be used to prevent certain information to leave the organization via email. DLP can configured to filter on credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, and more. DLP is implemented as a filter on outgoing email.
DJIGZO for BlackBerry® is an add-on to the DJIGZO Email Encryption Gateway which can be used to send and receive S/MIME digitally signed and encrypted email from a BlackBerry® smartphone.
DJIGZO for Android DJIGZO for Android is an Android application which can be used to send and receive S/MIME digitally signed and encrypted email.
DJIGZO can be installed on most Linux and Unix based systems. Installation packages are available for Ubuntu, Debian, Red Hat and CentOS. A ready to run virtual appliance for VMware and Hyper-V is available.
Great Articles and How-To-Guides on Encryption
PC world - how to encrypt your email
Life Hacker - how to encrypt your email - PGP
Cryptography.org - Get PGP
Ghostery - Anti Tracking Tool
Your online activities are tracked by organizations, businesses, governments and other data mining companies in an effort to provide intelligence about online activities. This informaiton is typically gathered and sold to various entities for marketing purposes.
"Ghostery tracks over 1,200 trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity."
Using Ghostery helps you gain control on who is tracking, accessing and trading your personal data and online habits. There is a huge move by business and the government to allow the sharing of your activities, that is why the establishment is attempting to pass CISPA.
Download it here!
Here is some information from their website:
BROWSER | DETECTION | CONTROL | CURRENT VERSION | DOWNLOAD |
Firefox | Full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 2.9.4 | Download Ghostery for Firefox now! |
Safari | Full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 1.4.2 | Download Ghostery for Safari now! |
Google Chrome | Full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 4.1.1 | Download Ghostery for Google Chrome now! |
Opera | Almost full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 0.10.0 | Download Ghostery for Opera now! |
Internet Explorer | Full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 3.1.0 | Download Ghostery for Internet Explorer now! |
MOBILE BROWSER | DETECTION | CONTROL | CURRENT VERSION | DOWNLOAD |
Ghostery for Mobile - iOS | Full detection of tracker scripts, img tags, and iframes from over 1000 data collection services | Blocking capability for each detected element | 1.2 | Get Ghostery from iTunes Store now! |
NO Script - Script Blocker Addon for Mozilla Firefox
Direct Download Here
Many times, when you go onto a website, flash banner ads and "pop up" windows will open and display an advertisement. Sometimes malicious scripts run in order to plant viruses, steal informatioin or redirect you to other webpages . NoScript is a powerful tool that blocks Javascript and Flash scripts from running in your browser. If you trust a website, or wish to view a video (which typically uses Flash) you can allow the script to run on that webpage.
True Story, bro - I personally accessed a file sharing website which ran a script that completely funked up my internet browser. Things started going haywire and I could not regain control of my computer - So I had to reinstall my operating system. I began searching for a way to block scripts from automatically running. I wanted to pick and choose which scripts would be displayed, that is when I came across Noscript. I have been a faithful user for years and have recommended it to many people.
Details from the NoScript website:
- The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).
- NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.
- NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
- You can enable JavaScript, Java and plugin execution for sites you trust with a simple left-click on the NoScript status bar icon (look at the picture), or using the contextual menu, for easier operation in popup statusbar-less windows.