It’s that time of year again! Data Privacy Day! What follows after the jump is an aggregation of posts I’ve written about data security as well as a commentary on web-browsers and a how-to guide for using TOR safely.
As is the case every year, Data Privacy Day rolls around and I come dangerously close to forgetting about it. This year, I was saved by Mauricio Prinzlau over at Cloudwards who reminded me to write something and gave me a useful article he wrote entitled “Data Privacy Day 2015: Top Experts Comment on Privacy Issues (+Infographic)” which I will use in this post and strongly recommend you read. To recap, however, last year I wrote a post about staying secure online and my personal security setup and published a PDF version. This year I intend to write a more general post about current security trends, some new tips to stay safe, and some nice infographics. As usual, I’ll see you after the jump!
But, inspired by a the comment “dude, truecrypt is dead” that I saw on IRC, I want to write a short statement about TrueCrypt. Now it’s no secret I’m a TrueCrypt fanboy so this will be a tad biased, but please hang with me.”
Since 2004, TrueCrypt has been the go to OTF encryption tool and has served probably millions of users (myself included). TrueCrypt had been in active development getting to version 7.1a when, on May 28, 2014, truecrypt.org displayed a very odd message warning of the insecurity of the software.
Table of Contents (ToC Links not Working Yet)
Part 1. Introduction
In light of revelations about the NSA’s role in illegal domestic surveillance (x), and this terrifyingly hilarious photo inside a US army base (fig. 1), downloads of anonymity programs and browsers such as Tor (The Onion Router) have skyrocketed as people become more aware of what the government is doing and what “privacy” actually means. In fact, usage of Tor is up by over 100% and the so called “Dark Web” has risen to the Scroll to bottom spotlight. This surge, however, has been met with a downside – a false sense of security. The aim of this post will be to share the methods I use to keep information private and methods that one could use to attempt to remain anonymous on the internet. (Later posts may, if the need arises, be centered around specific security aspects)
Now this being said, there are a few disclaimers:
- The most obvious – I choose to share information about me on the designated page not because I do not know how to be secure, but because I am willing to share this much. I am also willing to stand by my convictions, thus I sign my name. That being said, incognito personas are fun and I maintain a few.
- There is rarely, if ever, total security. Someone wiser than I once said “a false sense of security is worse than being unsure”. The point of this post is to give you the tools to try to be secure.
- These are just the tools I use, if you want to complain, use the comments section or, as will be linked to throughout the post, read some other article.
- Finally, I am no expert in the academic sense of the word, rather, I am an enthusiast who wants to learn and share what he has learned. As such, don’t take my explanations with the same rigor as you would Jacob Appelbaum or Bruce Schneier.