must read: NSA feature by The Guardian
Besides the fact that the presentation of this page is awesome, this article is an excellent overview of where we are with the NSA.
NSA files decoded: Edward Snowden’s surveillance revelations explained
This is a great list of things, pretty similar to what I wrote about (and better written, as well)
The complete guide to not being that idiot who got the company hacked – Quartz
“Every week there are headlines about a company getting its email, website, Twitter accounts or something else hacked. The reason? In a word: Employees.”
this was posted recently at ted.com
Revelations about the NSA’s practices continue to be released, and each additional leak is more and more disturbing to me. It’s not disturbing to me in the sense that I have secrets that I need to hide from the government. Rather, I think it serves as a big wake-up call about how a democracy should work, and about all of our safe-computing practices in general.
I believe in the liberty of your thoughts, writing, and communications. I don’t think any of us want to have all of our letters opened by the postal service, our library lending history turned over to the NSA or our Amazon.com shopping history shared with the government.
It is important to remember that emails are plaintext (like postcards), and that your SMS messages and unencrypted browsing sessions are all out in the open. What you share on Facebook, on Twitter, on your blog (hah!) is essentially public information.
In conjunction, there is a big difference between communications you intend for your friends, loved ones, colleagues, and the communications you intend for the public internet. Given this, we should treat these different classes of communications differently.
Finally, many of us carry a computing device with us at all times. These devices typically carry our entire address books, email, social networks. In short, our digital lives.
So, I’ve been reading a lot about encryption and security recently (some people in this house might say I’ve been a little obsessed) and I wanted to share a few easy things that I think can enhance your computing security. These essentially fall into two categories – physical security and data security.
Physical Security
The physical security recommendations I have are pretty simple:
FileVault is a feature I recently enabled on our computers. Basically it encrypts the entire hard drive so that if someone stole your laptop, they would be unable to extract any information from it. Apparently, people in the security community are unsure if there are NSA backdoors in FileVault, but for your average thief, it’s going to prevent your information from getting out there.
If you decide to enable FileVault, make sure you copy down the recovery key – there is no way to recover your data if you forget your password or lose that key. I’ve printed it (on paper) and stored the key in a safe location.
The other two items are common sense to me, but according to Apple (when they released the new fingerprint login feature, so appropriate skepticism applies) only 50% of people put a passcode on their phones.
Now as far as the security of your data in transit, things get a little more difficult, as each type of communication is a little different, and has serious tradeoffs.
Email, Chat, Text Messaging, Web Browsing
I’m only going to recommend things that I actually use. One could go crazy, using Tor all the time, but I find it to be a bit over the top.
Web Browsing
Install the HTTPS Everywhere plugin for Firefox or Chrome. This will encrypt your browser communications wherever possible. Simple.
I’m using GnuPG/PGP – but no one else is. Well, not no one, but basically no one I know and communicate with regularly. And why not? Perhaps because it has a couple flaws in day-to-day use:
And yet, Email is important to me. Emails to friends and family are basically letters, and when I write a “real” email, I think it carries nearly the same weight as an actual handwritten letter. Granted, there are plenty of throw-away emails sent, one-liners probably better suited for chat or text messaging, but email still holds a reserved spot in my mind. I’ve decided I’m going to stop abusing my email (at least personal email – what do I do about work email?)
So, if you are on a Mac, I invite you to check out GPGTools. It is fairly straightforward: they have a nice “Where do I begin” setup guide, and GPGTools will integrate with a variety of Mac mail clients.
Basically, once set up you can sign or encrypt your email. Signing sends the email in plaintext, but allows the recipient to confirm that it came from you and was not modified in transit. Encrypted email does the same, and prevents it from being read in transit. Signed emails can be read on the phone or in webmail, but they include a little block of text with the digital signature.
I put up a new page containing my PGP Public Key, if you’d like to add it to your keyring and communicate with me over email securely, please do. It’s kind of fun in a James Bond-ian way as well.
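What signing and encrypting do to a message, as described above, shown with the gpg command line. This is an added example, not part of the original post; the key, the address sender@example.org and the message are constructed, and everything lives in a temporary keyring.

```shell
#!/bin/sh
# Added example: the key, address and message are constructed, and a
# temporary GNUPGHOME keeps them away from your real keyring.
g() { gpg --batch --yes --quiet --pinentry-mode loopback --passphrase '' "$@"; }

demo_setup() {
    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME
    # Throwaway key pair with an empty passphrase (demo only).
    g --quick-generate-key 'Demo Sender <sender@example.org>' default default never
    printf 'Meet at noon.\n' > "$GNUPGHOME/msg.txt"
}

# Signing: the body stays readable and a signature block is appended.
sign_message() { g --clearsign "$GNUPGHOME/msg.txt"; }   # writes msg.txt.asc
body_readable() { grep -q 'Meet at noon' "$1"; }
verify() { g --verify "$1" 2>/dev/null; }                # exit 0 = unmodified

# Simulate modification in transit by changing one word of the signed body.
tamper() {
    sed 's/noon/nine/' "$GNUPGHOME/msg.txt.asc" > "$GNUPGHOME/tampered.asc"
}

# Sign and encrypt: unreadable without the recipient's private key.
encrypt_message() {
    g --armor --sign --encrypt --recipient sender@example.org \
      --output "$GNUPGHOME/msg.enc.asc" "$GNUPGHOME/msg.txt"
}
decrypt_message() { g --decrypt "$1" 2>/dev/null; }

demo_cleanup() {
    gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$GNUPGHOME"
    unset GNUPGHOME
}

run_demo() {
    demo_setup && sign_message && tamper && encrypt_message || return 1
    body_readable "$GNUPGHOME/msg.txt.asc" && echo "signed: body readable"
    verify "$GNUPGHOME/msg.txt.asc" && echo "signed: signature valid"
    verify "$GNUPGHOME/tampered.asc" || echo "tampered: signature rejected"
    body_readable "$GNUPGHOME/msg.enc.asc" || echo "encrypted: body hidden"
    decrypt_message "$GNUPGHOME/msg.enc.asc"
    demo_cleanup
}

if command -v gpg >/dev/null 2>&1; then run_demo; fi
```

In real use the recipient is someone else's public key and your own key has a passphrase; the demo encrypts to its own throwaway key so that it can also show decryption.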
Chat and Text Messaging
If you’d like to encrypt your instant messaging, download the free Adium for Mac (clients for Linux and Windows exist as well) and enable the encryption feature. Works like a charm.
If you use iMessage (the blue bubbles) on an iPhone, iPad or computer, your chats are encrypted in transit. Yay! SMS messaging is in plaintext, so between devices, one would have to use a cross-platform messaging app. Too much trouble; I’ll deal with the plaintext nature of these communications.
Summary
There are fairly simple ways to increase the security of your computing. I hope you’ll join me in creating a more secure environment for yourself.
Tons of additional information is available on the subject, but here are a few final resources:
The Electronic Frontier Foundation
Wikipedia: Pretty Good Privacy
Gnu Privacy Guard
Update
I wrote up this entire post, and then found iPGMail, which appears to be a solution for reading encrypted mail on your iPhone. If so, that would solve one of the major hassles with encrypted email.
This blows my mind…
“I’ve created a technique for converting digital audio files into 3D-printable, 33rpm records and printed a few prototypes that play on ordinary turntables. Though the audio quality is low -the records have a sampling rate of 11kHz (a quarter of typical mp3 audio) and 5-6 bit resolution (less than one thousandth of typical 16 bit resolution)- the audio output is still easily recognizable. These records were printed on an Objet Connex500 resin printer to a precision of 600dpi with 16 micron z axis resolution.”
(Via The Loop.)
“This isn’t some standard polemic about ‘those stupid walled-garden networks are bad!’ I know that Facebook and Twitter and Pinterest and LinkedIn and the rest are great sites, and they give their users a lot of value. They’re amazing achievements, from a pure software perspective. But they’re based on a few assumptions that aren’t necessarily correct.”
Really good post from Anil Dash. Important reading if you want to understand a bit more about the ongoing skirmishes between Facebook / Twitter / Instagram / Tumblr / etc.
iTunes 11 is out! Not following my own advice against waiting a day to install new software, I went right ahead and installed it.
I like it. The interface is intuitive. There are a few places where I was expecting something to happen as I hovered my mouse over an object, and I realized it’s waiting for me to click on everything. (They’re not really menus, more like iOS-style sheets).
The Up Next feature is cool, though more limited (at least at first glance) than the iTunes DJ feature which seems to be gone.
Time will tell if I like the new Artist and Album cover layout, or if I find myself back in the traditional column view, but on the whole – a nice upgrade. I’m glad they waited to release the new version and tweak whatever wasn’t finished!