“After a secret breaks in the news, Reply All re-examines how Alex Blumberg’s Uber account was hacked.”
“Wer Whatsapp liebt, sollte besser nicht weiterlesen, oder vielleicht gerade dann, denn Liebe macht ja bekanntlich oft blind.” Boris Pohler, selbst Lehrer und Vater von zwei Kindern, bennent den Preis für die Verwendung des weit verbreiteten Dienstes und erklärt, warum jeder Nutzer gegen deutsches Recht verstößt.
“Most humans can tell the difference most of the time, but if they are tired, or stressed, or in a rush, or have any number of other common obstacles to computer use, there’s a good chance they won’t notice the difference, will type their password into the wrong site, and will have their account taken over by bad guys.” Jacob Hoffman-Andrews identifies password managers as the average human’s best defence against phishing attacks.
“Welcome to this introduction to Conversations. It is gonna be a great introduction. It’s gonna be fabulous. Other instant messengers have fought Conversations for many years, but they couldn’t beat it. Just couldn’t do it. Total loosers. They’re all dead now. All the other messengers have failed. Forget WhatsApp, okay? Signal …total disaster. Threema is so bad, it’s not even a real messenger. It’s fake. Threema is a fake messenger. Converstations has got to be the best messenger in the world. It’s huge. OMEMO. You’ll love it. Best protocol. Tremendous. Absolutely fantastic. Nobody has messengers better than Conversations. This messenger is so big, you can even see it from the moon. And I am going to make you pay for it. It’s true. Important people tell me that Conversations is so great, it’s unbelievable. So great, it’s beautiful. Conversations is the best instant messenger that God ever created.”
“Among the many questions posed by Scandinavia’s embrace of mass surveillance is one that has lingered at the margins throughout the Snowden debate: Are advanced democracies any different than their authoritarian counterparts in seeking to gain broad access into the private lives of citizens?” Hugh Eakin shines a light on the underreported activities of Sweden’s FRA in spying on people everywhere.
With thanks to Michael August
“Already 20 smartphones and laptops are ours. If he wanted to, Slotboom is now able to completely ruin the lives of the people connected.” Wouter Slotboom is one of the good guys, demonstrating to Maurits Martijn his effortless ability to retrieve people’s passwords, steal their identity, and plunder their bank accounts.
“I am regularly impressed with the thought and care put into both the security and the usability of this app. It’s my first choice for an encrypted conversation.”
Signal offers private messaging and calling in one simple app. It is both free and open source. Development is supported by community donations and grants. This means that there are no hidden strings attached. Use Signal as an alternative to WhatsApp or, better still, its replacement.
“Mass surveillance creates a prison in the mind.”
“Die elektronische Post kam mit kostenlosen Diensten in Mode. Für sie zahlen Kunden nicht in harter Währung, sondern akzeptieren Werbung und meist auch die Verwertung der aus ihren Daten gespeisten Kundenprofile.” Mittlerweile bekannt gewordene Abhörpraktiken der NSA rücken immer mehr auch Fragen nach der Sicherheit von E-Mails in den Vordergrund. Die Stiftung Warentest hat 14 Provider unter die Lupe genommen: Als Testsieger gehen Mailbox.org und Posteo hervor.
“The question for us is not what new story will come out next. The question is, what are we going to do about it?” James Bamford interviews Edward Snowden, who regards the use of strong encryption in your everyday communication as a viable means to end mass surveillance.
Also watch United States of Secrets, a two-part series detailing how the US government came to monitor and collect the communications of millions around the world.
“OpenKeychain helps you communicate more privately and securely. It uses high-quality modern encryption to ensure that your messages can be read only by the people you send them to, others can send you messages that only you can read, and these messages can be digitally signed so the people getting them are sure who sent them.”
“And whoever tells you that they have nothing to hide simply haven’t thought about this long enough. ‘Cause we have this thing called privacy. And if you really think that you have nothing to hide, please make sure that’s the first thing you tell me because then I know, that I should not trust you with any secrets because obviously, you can’t keep a secret [sic]”
“Threema is a mobile messaging app that puts security first. With true end-to-end encryption, you can rest assured that only you and the intended recipient can read your messages.” Threema is my favourite instant messaging application and has been described as “a much flasher version of WhatsApp”. Its source code has recently undergone an external security audit and was found to provide a ”security level which compares favourably with the state of the art in similar messaging services“.
“The RockYou dump was a watershed moment, but it turned out to be only the start of what’s become a much larger cracking phenomenon. By putting 14 million of the most common passwords into the public domain, it allowed people attacking cryptographically protected password leaks to almost instantaneously crack the weakest passwords. That made it possible to devote more resources to cracking the stronger ones.” Dan Goodin details the many reasons you should choose your passwords even more carefully.
“The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They’re limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.” Bruce Schneier works on the assumption that the NSA is able to decrypt most of the Internet.
“In a world of repressive governments and a growing reliance on insecure networks, there’s no way anyone can be sure their most sensitive messages aren’t intercepted by the forces of darkness. But you can make it mathematically improbable that all but the most well-funded snoops could ever make heads or tales of your communications.” Use Dan Goodin’s step-by-step guide to email encryption and keep your communications private.
Email encryption should be used by everyone. Here’s why.
SSH is a protocol that enables secure logins over a network. It supports the use of asymmetric encryption for user authentication. Private keys are kept locally, while public keys are stored on the remote machine.
On the local machine
Use the following command to generate a new key pairs for the local user schmidt:
schmidt@exhaustpiano:~$ ssh-keygen -t ed25519 -o -a 100
schmidt@exhaustpiano:~$ ssh-keygen -t rsa -b 8192 -o -a 100
Use an appropriate passphrase to secure the private key (don’t be tempted to use an empty passphrase).
Deploy the public key with the following command:
schmidt@exhaustpiano:~$ ssh-copy-id schmidt@pizzaposition
On the remote machine
Delete any unused host keys with the following command:
root@pizzaposition:~$ rm /etc/ssh/ssh_host_dsa_key* /etc/ssh/ssh_host_ecdsa_key* /etc/ssh/ssh_host_rsa_key*
Create the group ssh-users with the following command:
root@pizzaposition:~$ addgroup --system ssh-users
Add the local user schmidt to the group ssh-users:
root@pizzaposition:~$ adduser schmidt ssh-users
Make the following changes in sshd_config to improve on the default configuration:
# HostKeys for protocol version 2
# Specify allowed key exchange algorithms
KexAlgorithms email@example.com# Specify the ciphers allowed for protocol version 2
# Specifiy the available MAC (message authentication code) algorithms
# HostKeys for protocol version 2
# Change to no to disable tunnelled clear text passwords
Restart the SSH server on the remote machine with the following command:
root@pizzaposition:~$ systemctl restart ssh.service
Setting these options will make root logins impossible. Only users belonging to the group ssh-users may establish a connection. Access is strictly tied to the private key and the passphrase used to encrypt it. Using the private key stored on exhaustpiano, local user schmidt should now be able to remotely log into pizzaposition:
schmidt@exhaustpiano:~$ ssh pizzaposition
Enter passphrase for key '/home/schmidt/.ssh/id_ed25519':
Last login: Sun Oct 9 15:51:15 2016 from 188.8.131.52
The book SSH The Secure Shell by Daniel Barrett, Richard Silverman and Robert Byrnes is still useful today and has information on other clever stuff you can do with SSH.
“You too can get PGP set up in a few simple steps.” Jason Thomas shows just how easy it is to start encrypting your messages.