BARBELITH underground
 

Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.


Underground > Laboratory >

Privacy Repository

  
 
Francine I
04:56 / 23.09.06
It seems like a good idea to post a laundry list of tools and methods for securing data and communications, so without a whole lot in the way of foreword, I'm going to mention a few technologies. Hopefully this will be useful for someone, and better yet, perhaps others will add to the list.

On the "handy tools" side of things:

* If you use instant messaging for communication in a personal or professional capacity, you might be interested in GAIM. GAIM is a multi-plaform (Win32, Mac OS X, Linux, etc.), open-source instant messaging application which supports most of the popular instant messaging methodologies (Yahoo! IM, AIM, et alia). GAIM is extensible via plug-ins, one of which is OTR, or "Off the Record", which allows for rather painless encryption between two GAIM clients using any protocol/messaging suite supported by GAIM.

* Enigmail is a Thunderbird extension. Thunderbird, as is probably well known, is the Mozilla foundation's stand-alone complement to Firefox, and is a fairly robust and somewhat popular open-source mail client. Thunderbird, like GAIM, is largely platform agnostic. Enigmail makes for semi-transparent encryption, decryption, and signing of GNUPG-encrypted mail.

* If Google is a favourite search engine of yours, you might consider disarming Google's alarming ability to build a profile of who you are and what you're interested in by using the Scroogle proxy for your searches.

On the cautionary side of things:

* If you use MySpace, you might consider that the NSA is probably indexing your profile, your connections to the profiles of others, and so on.

* If you use Gmail, it would behoove you to keep in mind that a lot of people think that Google's privacy policy and technological underpinnings are, well,creepy. A reasonable approach to some of these issues is offered by EPIC.

* Regarding Google in general, remember: they run Blogger, Orkut, Gmail, Writely, Google Spreadsheets, and of course the search. They can cross-reference data from any of their services as desired.

That's it for now. If anybody has questions regarding the tools mentioned above, I'll do my best to provide answers or reasonable facsimiles thereof.
 
 
grant
16:00 / 25.09.06
What kinds of things do you think are important to keep private and why?
 
 
Axolotl
18:30 / 25.09.06
Thanks for the info Frankly and there's certainly plenty of useful stuff there. I'd like to join Grant in asking what data do you consider worth encrypting?
I used to be far more paranoid about securing my data, but then I realised
a) I really don't have anything worth snooping through.
b) Without going to an awful lot of trouble I doubt that I could stop the CIA/NSA/MI6/whoever actually breaking any crypto I do have.
c) The more effort I put into securing my e-mails the more chance I had of drawing attention to them.
The 3 factors put together means that I gave up on encrypting everything, especially once I started using computers at work, as I'm certain that any signs of trying to maintain my privacy on their systems would be an easy way of getting the sack.
IMHO unless you are discussing business critical details or planning a revolution I'm just not certain crypto is always necessary.
However I admit I may have just let my natural apathy overcome my paranoia, so would be more than willing to revise my opinions.
 
 
Olulabelle
09:59 / 26.09.06
All those links are really interesting, thank you.

I have to admit I am very naive about information security and I didn't know anything about the gmail issues until I just read it in the links. But I weas under the impression that Google was one of the 'good guys' - isn't their motto "Don't be evil."?

I think for lots of people like me changing the habits you have (I.E for a browser, google for a search engine, blogger for a blog) seems like a hassle when what you have works well, and I suppose that's what they bank on; the apathy of the people means they just don't bother trying to keep things private. I'm aware I should change things, I just haven't.

I like scroogle though.
 
 
Saturn's nod
12:21 / 26.09.06
About surveillance, this guy on the internet, Cobb, writes:

"The question lies primarily in understanding what your value is as a target of investigation."

"They had terabytes and terabytes of data but all the compute time it took to mine it for potential savings based upon the gathered information was so expensive in terms of expertise that it wasn't worth it to try and process it. They told us to shutup about it because they wanted their competitors to believe that they actually were doing it so that the competitors would buy the same huge Sun servers and Oracle software that didn't work for them. They just sat on top of the data and squirreled it away in hopes that someday data mining techniques and supercomputing would get cheap enough to do it. Safeway basically should have done what Walmart did, just forget marketbasket analysis and customer profiling and deal with basic supply and demand for the purposes of smarter pricing. Profiling is a much more difficult problem."

Which I thought was really interesting as well as being hilarious and thought I'd share it with you all.

Also worth linking here I think to the thread in Art Fashion & Design forum about producing some stuff on imaginary futures, with a surveillance theme.
 
 
Francine I
15:38 / 26.09.06
Grant and Axolotl ask "What kinds of things do you think are important to keep private and why?" - a good question. I suppose this rubs out to personal lifestyle and preference. As Axolotl says, "unless you are discussing business critical details or planning a revolution I'm just not certain crypto is always necessary." This is true, but the operative word in this sentence is always. For most, it isn't practical or necessary to incur the burden of ensuring data privacy all of the time. I would, however, put to you that if you've got the sort of lifestyle or occupation that makes this less of a pain for you than it is for most, you might view this as a sort of protest. A deliberate "time-suck" used to reduce the cost-effectiveness of mass surveillance programs.

I like to assess my privacy by few tiers -

i. Retroactive societal punishment: Are the views you profess today going to be tolerated tomorrow? Do you care? How do you wish to be represented, should someone review all of your online communications in the last ten years? Do you want all of what you've said to be available for review? Some of it? None of it?

ii. Capitulation to surveillance society: Do you approve of mass surveillance? If not, are you interested in gumming up the gears? Would you rather leave it alone? Do you not care, since you've "nothing to hide"?

iii. Consumer's rights: Is it acceptable to you that you're helping to feed the development of ever-more-clever guerilla marketing techniques? That predictive profiles are built regarding your preferences and activities? That this data can be and is shared between distinct entities, and that the line between this tier and the first is indistinct? In the U.S. in particular it requires little more than hand-waving on the part of the government to requisition data maintained by corporate entities, who themselves are required to do very little in terms of protecting your privacy. Identity theft would also fall into this category.

It seems to me that most people, after asking themselves these questions, find themselves wishing they'd done more to protect their privacy.

Last but not least, Lula -

"I was under the impression that Google was one of the 'good guys'"

Indeed - again, the blurry lines. Their motto is "don't be evil", but they are notoriously vague about privacy concerns, they reserve the right to retain any and all data they gather from you for an indefinite period, and finally - the kicker - it's not always a question of what Google (or the Google of today) may or may not do with your data. They may lose control of it. Their corporate philosophy could change. They could be disingenuous. They could be honestly telling you that they won't be evil, but they might sell your data to someone with entirely different motivations and policies.

It is difficult to change habits once you've become entrenched, there's no doubt that. However, you might find yourself pleased with the alternatives (at least in terms of using something like Word Press over something like Blogger).
 
 
COG
12:33 / 29.09.06
The fundamental problem here seems to be the sheer persistance of every last scrap of info that gets produced by our activity. We really are at the beginning of the new way of doing things and it's no surprise that we're all floundering around trying to conceptualise how that will affect us. E.g. in the past, unless your phone calls were being recorded specifically, what you said was gone in a second. With the advent of VOIP and a future where voice calls/video calls/insert future tech here calls, all pass through the digital realm and are therefore archivable, how comfortable will you feel having those late night/drunken/emotional/loving conversations searchable by someone, somewhere?
 
 
Unconditional Love
02:31 / 30.09.06
Privoxy Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, modifying web page data, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks, This app may look complex but it isnt and has well supported documentation.

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. Another relatively easy to use app.
 
  
Add Your Reply