School dropout creates messaging app that foils NSA spying

Linux News

The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts.

Prompted by Edward Snowden’s revelations about the government’s intrusive surveillance activities, loosely knit citizen militias of technologists and security professionals have cropped up around the world to develop systems to protect us from government agencies out to identify us online and grab our communications.

John Brooks is now among them.

Brooks, who is just 22 and a self-taught coder who dropped out of school at 13, was always concerned about privacy and civil liberties. Four years ago he began work on a program for encrypted instant messaging that uses Tor hidden services for the protected transmission of communications. The program, which…

View original post 471 more words

File-Level Encryption in Linux Using ecryptfs

TrueCrypt Logo

With the NSA spying scandal, all eyes are on ways to stop the surveillance and protect privacy. Campaigns such as Reset the Net have been used to encourage and push sites and people to amp up their security methods. Disasters such as Heartbleed shows what happens if security is compromised, whether intentionally or accidentally

I used to use TrueCrypt to allocate a virtual hard disk and put my private files in that. One of the benefits of this was that TrueCrypt also supported full disk encryption and Plausible Deniability (e.g. hiding an OS within another OS). However, one of the most frustrating parts of TrueCrypt is that you allocate space and any space you do not use is lost. e.g. if you allocate 10GB, but use only 1GB, there is still 9GB left that allocated to the TrueCrypt volume, but cannot be used by the unencrypted space.

Unfortunately, I recently found out that TrueCrypt shut down, under very suspicious and mysterious circumstances. (check the related articles section below). Sure, you could use LUKS instead, or VeraCrypt (but I haven’t tried VeraCrypt), but considering I only want to encrypt a subset of my files, and not the whole partition, that might be a little overkill.

So, I investigated the ecryptfs. Details can be found on the Wikipedia page, but in short, it allows you to mount directories (it comes with a wrapper to the mount command), but unlike other mount wrappers, you are allowed to mount on top of the same directory. In other words, you can do:

sudo mount.ecryptfs ~/SecuredData ~/SecuredData

And this will take the data stored in the directory and transparently decrypt it when you try to access the directory.

If you copy data into the directory, ecrypt will encrypt it and store it in the underlying directory in an encrypted manner. When you unmount the directory, only the encrypted data is visible. If you combine the mounting process with the optional Filename Encryption, then all you see are files with garbled filenames.

ecrypt supports various encryption methods, from AES and Blowfish, to 3DES and Twofish. Obviously, the higher you choose the encryption level, the slower the access. 3DES encryption resulted in a transfer rate of 7MB/s for me, when copying to the encrypted space, and AES was 16MB/s, so balance your requirement of high encryption vs slow access.




Microsoft and Google lead coalition demanding limits on government surveillance

In October, the tech industry’s biggest companies petitioned congress to reform the US Government’s surveillance policies. Now, the firms are taking their pleas global. Microsoft, Apple, Facebook, Google, LinkedIn, Yahoo and AOL (Engadget’s parent company) have banded together to ask the world’s governments to reassess its intelligence practices. This time, however, the firms are presenting more than a strongly worded letter – they’ve laid out five core reform principals, detailed both on an official website and in full-page ads in national publications.
Continue reading

%d bloggers like this: