Encryption

About me

Micky Metts FreeScholar

Drupal Hacker - Industry Organizer - Pioneer and early adopter of technologies. I am a member of Agaric, a worker owned cooperative of developers, and a member of LibreBoston, an outreach group that is a sub-group of BLU, the Boston Linux Users Group.

I speak about free software for social justice and cooperative community building - networking, privacy and security.

My presentations at Drupal conferences and other events in the USA have been on topics including VoIP, free software and Cooperative business models and strategies.

Agaric.com

Why Encryption?

Encryption protects our data. It protects our data when it's sitting on our computers and in data centers, and it protects it when it's being transmitted around the Internet. It protects our conversations, whether video, voice, or text. It protects our privacy. It protects our anonymity. And sometimes, it protects our lives.~ Bruce SchneierInternationally renowned security technologist, called a "security guru" by The Economist. He is the author of 13 books -- including Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

Tails GNU/Linux Operating System

GnuPGP - Secure Email

OTR Instant messaging

TextSecure Text messaging

RedPhone Voice calls

Signal Text and Voice

The Tor Project - Browser

Free Tools for Encryption

The Basics

You will have the best security through use of the best practices, which do require more in-depth understanding. Never under estimate the power of a strong and oft changed password for the best protection.

You will still significantly reduce public leaking of your information by simply making sure no one can get your key or it's password

If you have very sensitive data it is advised that you use Tails as an operating system from a bootable DVD, USB flash drive or flash memory card.

Encrypting your hard drive is encouraged.

Full Disc Encryption (FDE)

We will not be covering Full Disc Encryption because it can be very complex and is very OS dependent. There are many different ways to secure your hard drive.

Encrypting your hard drive is encouraged.

https://en.wikipedia.org/wiki/Comparison_of_disk_encryption_software

Wikipedia.org gives the best overview and comparison chart for hard drive encryption software, both proprietary and free (as in liberty)

TrueCrypt is now powering VeraCrypt https://veracrypt.codeplex.com/

TrueCrypts Web page redirected itself to a SourceForge repository, with the following warning: WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues, This page exists only to help migrate existing data encrypted by TrueCrypt.

Tor Project

Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network.Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destinationThe variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

https://www.torproject.org/

Tails

The Amnesic Incognito Live System

Tails is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system. It is Free Software and based on Debian GNU/Linux.

Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc.

Tails and Tor

Tails relies on the Tor anonymity network to protect your privacy online.

All Internet traffic to/from Tails goes through Tor, making it resistant to end user mistakes. Tails is not normally installed on a computer, instead it's run from a bootable DVD, USB flash drive or flash memory card.

https://www.torproject.org/download/download-easy.html.en

OpenPGP

Enigmail ThunderbirdUses GnuPG to sign and encrypt e-mail with the OpenPGP standardMailvelope Gmail Uses OpenPGP.js, a JavaScript implementation of the OpenPGP protocol

A standard for encryption tools and protocols which are most often used to send secure email: email that only you and your intended recipients can read, that can also carry assurance that the sender is who they claim to be.

GnuPG is the most common implementation of OpenPGP.

What is GnuPG?

It is a combination of symmetric-key (speed) and public-key (secure key exchange) cryptography techniques. Before the encryption of an email or any file, a session key is automatically generated. That key is used only once for the encryption of the plaintext and then it is encrypted using the public key of the recipient. Only the recipient, who is the holder of the corresponding private key, can decrypt the session key and then move on to decrypting the ciphertext (i.e., the data previously encrypted by the sender, using the exact same session key)

https://emailselfdefense.fsf.org/en

GnuPG - GNU Privacy Guard provides the underpinning of a free software OpenPGP implementation.

Enigmail

Key Management

Mailvelope - Gmail

Off The Record

PIDGIN: for GNU/Linuxand Windows Pidgin is a chat program which lets you log in to accounts on multiple chat networks simultaneously. https://pidgin.im/

ADIUM: for mac

Adium is a free instant messaging application for Mac OS X, it workswith multiple chat networks

Secure Instant Messaging.

OTR - Plugin

OTR Screens

TextSecure and Redphone

TextSecure and friends (Redphone) are now one app called Signal by Whisper Systems - available from Google Play or Apple's IOS appstorehttps://whispersystems.org/

Open Whisper Systems is funded by a combination of donations and grants, and all of its products are published as free and open-source software under the terms of the GNU General Public License (GPL) version 3

= Signal

Redphone

TextSecure

Signal

Signal by Open Whisper Systems, works on your computer and on your phone. https://whispersystems.org/

Signal is still highly recommended by almost everyone from Edward Snowden on down for security and ease of use. It no longer does anything with SMS, considering it too inherently insecure.

No Guarantees

Why are there no guarantees of security?

Answers from the Group

It is an arms race. Once a solution appears to be impenetrable, attempts to break it increase.

Humans are involved.

Resource Links

Tails GNU/Linux Operating Systemhttps://tails.boum.org

OTR Instant messaginghttps://otr.cypherpunks.ca

Signal Text and Voicehttp://whispersystems.org

The Tor Project Browserhttps://www.torproject.org

Enigmail - Thunderbirdhttps://www.enigmail.net

Mailvelope - Gmailhttps://www.mailvelope.com

GnuPG Emailhttps://emailselfdefense.fsf.org/en

More Resource Links

https://freenetproject.org

https://crypto.cat

https://www.gnu.org/software/gnuzilla

http://truecrypt.sourceforge.net

https://www.grc.com/misc/truecrypt/truecrypt.htm

https://veracrypt.codeplex.com

VeraCrypt Hard Drive Encryption

Ring - A secure and distributed voice, video and chat communication platform http://www.ring.cx

DiskCryptor (full disk encryption)https://diskcryptor.net/wiki/Main_Page

AxCrypt (file encryption)http://www.axantum.com/axcrypt

AESCrypt (file encryption)https://www.aescrypt.com

GNU/Linux - Windows - MacOSX

Thank you for joining me today, I look forward to more discussions

Contact: micky@agaric.com

Agaric.com

Presented by: FreeScholar Micky Metts of Agaric