Crypto and Anonymity solutions for Desktops

GNU/Linux

Secure Data Transfer

Secure Copy

Most GNU/Linux distributions come with a 'built-in' set of tools using the Secure Shell (SSH). One such tool is SCP, or 'Secure Copy'. This is an excellent way to transfer files to a remote machine, whether on your own network or elsewhere on the Internet. Like SSH, SCP requires that you have a login on the machine you are copying to. The syntax for almost all uses is as follows, typed into a terminal program (like xterm, gnome-terminal, KTerm):

 scp <file> <user@remote-host>:<path> 

So, a user called craig would copy white-van.jpg into the images directory on the server at http://whitevanwatch.org like this:

 scp white-van.jpg craig@whitevanwatch.org:images/ 

Copying can also be done in reverse.

For craig to securely copy the file tin-foil-hats.zip from the archive directory of the remote server http://paranoia-r-us.com to the local directory party-tricks, he would run:

 scp craig@paranoia-r-us.com:archive/tin-foil-hats.zip party-tricks/ 

SFTP

SFTP is an implementation of the popular File Transfer Protocol (or FTP) that uses Secure Sockets Layer connections (SSL). This creates a secure tunnel between you and the remote machine, in a manner similar to an online-banking site or Google's Gmail. It's worth mentioning that SSL uses certificates for its connections, many of which are developed and sold by companies called Certificate Authorities. These CAs may work with governments to allow interceptors and snoopers to listen in on the communications. For this reason some organisations 'self-sign' their certificates, to be sure that they can't be intercepted by third parties.

An SFTP-capable client that we recommend for use on Linux systems is gFTP, available on most distributions via a package manager.

Anonymous Browsing

Tor Browser Bundle

Browsing without your browsing session being recorded and/or studied by unannounced third parties is an increasing issue on the Internet. Some years ago the TOR project was formed, which uses a technique called Onion Routing to route your packets through an international network of TOR nodes whose entry and exit nodes in relation to you are changing all the time. This makes it extraordinarily difficult to prove you were the source of a resource request on the WWW.

Go to the Tor Project's Tor Browser Bundle webpage and scroll down to find the software for installing on Linux in your preferred language. Save it somewhere, and follow the instructions.

If it's all a bit too confusing, download the convenient howto video.

Use country specific exit nodes

Choose your Nodes using this page: http://torstatus.blutmagie.de/index.php

Copy the nodes' fingerprints and add them to your .torrc file as a single line, with the spaces inside each fingerprint removed, as follows:

ExitNodes $E30FF6DE00EDF0432BFE4A62A74020F972B92F73,$0E8396C9DE53C22D1D5A9D9C080DAFB5BAEFFD8F,$0C3959CC1BECDD7AE2CAD7B7AC4B00E198D53C82
StrictExitNodes 1

Alternatively, you can exclude specific countries from the node list:

ExcludeNodes {be},{pl},{ca},{za},{vn},{uz},{ua},{tw},{tr},{th},{sk},{sg},{se},{sd},{sa},{ru},{ro},{pt},{ph},{pa},{nz},{np},{no},{my},{mx},{md},{lv},{lu},{kr},{jp},{it},{ir},{il},{ie},{id},{hr},{hk},{gr},{gi},{gb},{fi},{es},{ee},{dk},{cz},{cy},{cr},{co},{cn},{cl},{ci},{ch},{by},{br},{bg},{au},{at},{ar},{aq},{ao},{ae},{nl},{de},{fr}
StrictExitNodes 1

In the example above, the US country code is missing, which will make Tor only use US exit nodes.
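A check for the ExitNodes and ExcludeNodes lines described above, given as an added example that is not part of the original page or of Tor itself. The function names are hypothetical, and the checker recognises only fingerprints and {cc} country codes, the two forms this page uses.

```python
import re

FINGERPRINT = re.compile(r"\$?[0-9A-Fa-f]{40}")
COUNTRY = re.compile(r"\{[A-Za-z]{2}\}")
NODE_OPTIONS = {"exitnodes", "excludenodes"}  # the two options this page uses

# Fingerprints exactly as the page lists them: a space after every four digits.
PASTED = [
    "E30F F6DE 00ED F043 2BFE 4A62 A740 20F9 72B9 2F73",
    "0E83 96C9 DE53 C22D 1D5A 9D9C 080D AFB5 BAEF FD8F",
    "0C39 59CC 1BEC DD7A E2CA D7B7 AC4B 00E1 98D5 3C82",
]

# Constructed sample: a list pasted with spaces and a line break inside it.
BROKEN = """ExitNodes E30F F6DE 00ED F043 2BFE 4A62 A740 20F9 72B9 2F73,
0E83 96C9 DE53 C22D 1D5A 9D9C 080D AFB5 BAEF FD8F
StrictExitNodes 1
"""


def normalize_fingerprint(pasted):
    """Turn 'E30F F6DE ...' into '$E30FF6DE...' (40 hex digits, no spaces)."""
    digits = "".join(pasted.split()).lstrip("$").upper()
    if not re.fullmatch(r"[0-9A-F]{40}", digits):
        raise ValueError("not a 40-digit hex fingerprint: %r" % pasted)
    return "$" + digits


def exit_nodes_line(pasted_fingerprints):
    """Build one torrc line; the whole list has to sit on a single line."""
    nodes = ",".join(normalize_fingerprint(f) for f in pasted_fingerprints)
    return "ExitNodes " + nodes


def lint_node_lists(torrc_text):
    """Return (line_number, message) for malformed node-list entries.

    Nicknames and address patterns are outside this checker's scope and
    would be reported as bad entries.
    """
    problems = []
    for number, raw in enumerate(torrc_text.splitlines(), start=1):
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split option/value
        if not parts:
            continue
        option, value = parts[0], (parts[1] if len(parts) > 1 else "")
        if option.lower() not in NODE_OPTIONS:
            # A line starting with four hex digits is a fingerprint that
            # wrapped onto its own line and is no longer part of the list.
            if re.fullmatch(r"[0-9A-Fa-f]{4}", option):
                problems.append((number, "fingerprint spilled onto its own line"))
            continue
        for entry in value.split(","):
            entry = entry.strip()
            if not entry:
                problems.append((number, "empty entry (stray comma)"))
            elif not (FINGERPRINT.fullmatch(entry) or COUNTRY.fullmatch(entry)):
                problems.append((number, "bad entry: %r" % entry))
    return problems


if __name__ == "__main__":
    print(exit_nodes_line(PASTED))
    for number, message in lint_node_lists(BROKEN):
        print("line %d: %s" % (number, message))
```

Run it against your own .torrc by passing the file's contents to lint_node_lists(); an empty result means every entry in the two node lists is well-formed.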

Also see: http://www.guptamayank.com/how-to/change-ip-address-to-any-country-specific-ip-address-tor

Anonymous Searching

Search anonymity is also important, especially when using big centralised services like Google. Your searches can be recorded by the search engine provider and used later to build a dossier of you and your interests.

Googlesharing

One solution to the problem of anonymity while searching is to pool queries such that, from Google's perspective, they appear to come from one source. Google Sharing is an excellent plugin for Firefox that provides this functionality. It can also be installed using the Tools->Add-ons interface in Mozilla Firefox.

Currently, Googlesharing is in Beta and is only available for Firefox.

SRWare Iron

Chrome allows users to surf in an "Incognito Window" but, if you want to go one step further and make all your movements invisible, you might want to try its non-evil twin Iron, which starts by disabling all of Chrome's conspicuous data-collecting features that feed the biggest search engine on the Internet, and allows you to keep your movements to yourself. Iron is also based on Chromium, so you can use all your favorite Chrome extensions.

Linux users can download the packages here.

Secure Browsing

HTTPS Everywhere

HTTPS Everywhere is a Web browser extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation that encrypts your communications with many major websites, making your browsing more secure.

Beware though: HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere includes a ruleset. If sites you use don't support HTTPS, ask the site operators to add it; only the site operator is able to enable HTTPS. There is more information and instruction on how server operators can do that in the EFF article How to Deploy HTTPS Correctly.

Firefox users can download it here.

Virtual Private Networking

OpenVPN

OpenVPN allows you to create your very own network (like a LAN, with a 'private' IP range) and attach your device to it over the Internet. An 'overlay' network is created using Internet connectivity as its physical layer, and traffic inside your VPN network is securely 'encapsulated'. An OpenVPN server can be used as a 'router' or an 'exit node' (using TOR terminology), allowing you to route your Internet traffic via the server while not exposing your personal IP address.

http://openvpn.net/index.php/open-source/documentation/howto.html Original OpenVPN documentation. Create your own server and connect to it.

Free VPN service providers

http://www.vpnsp.com/free-vpn-trials.html List of free VPN providers.

OpenVPN compatible, free accounts

https://www.privatetunnel.com/index.php Register, confirm via email, go to 'My Account', go to 'Download User Profile', save the .ovpn file (limited to 100 MB -- afterwards: 12 USD for 50 GB).

http://www.zeentan.com/wp/openvpn-with-ovpn-file-linux-mint

EMail

Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications.

GnuPG is a command line program for use on GNU/Linux systems, designed to interoperate with PGP, and will be available on nearly all GNU/Linux distributions via the package manager. Once installed, here's a quick HOWTO for getting going with GnuPG. Here's a guide for using it with the popular email client Evolution, and here's a program called Enigmail for use with Mozilla Thunderbird, enabling you to get up and running quickly.

DNS Tunnelling

This technique neither encrypts your traffic nor obfuscates your location; it transports traffic inside DNS requests. Use cases could be bypassing heavy corporate firewalls, unsecured but otherwise restricted public wifi access points, etc.

http://dnstunnel.de/

Companies, ad agencies, mafia and governments are tracking you online. There are ways to stop that from happening.

http://www.donottrackplus.com/learn/wit.php

...

OS X

Secure Data Transfer

Secure Copy

OS X comes with a 'built-in' set of tools using the Secure Shell (SSH). One such tool is SCP, or 'Secure Copy'. This is an excellent way to transfer files to a remote machine, whether on your own network or elsewhere on the Internet. Like SSH, SCP requires that you have a login on the machine you are copying to. The syntax for almost all uses is as follows, typed into the OS X Terminal program:

 scp <file> <user@remote-host>:<path> 

So, a user called craig would copy white-van.jpg into the images directory on the server at http://whitevanwatch.org like this:

 scp white-van.jpg craig@whitevanwatch.org:images/ 

Copying can also be done in reverse.

For craig to securely copy the file tin-foil-hats.zip from the archive directory of the remote server http://paranoia-r-us.com to the local directory party-tricks, he would run:

 scp craig@paranoia-r-us.com:archive/tin-foil-hats.zip party-tricks/ 

SFTP

SFTP is an implementation of the popular File Transfer Protocol (or FTP) that uses Secure Sockets Layer connections (SSL). This creates a secure tunnel between you and the remote machine, in a manner similar to an online-banking site or Google's Gmail. It's worth mentioning that SSL uses certificates for its connections, many of which are developed and sold by companies called Certificate Authorities. These CAs may work with governments to allow interceptors and snoopers to listen in on the communications. For this reason some organisations 'self-sign' their certificates, to be sure that they can't be intercepted by third parties.

We recommend Fugu, an SFTP client for OS X.

Anonymous Browsing

Tor Browser Bundle

Browsing without your browsing session being recorded and/or studied by unannounced third parties is an increasing issue on the Internet. Some years ago the TOR project was formed, which uses a technique called Onion Routing to route your packets through an international network of TOR nodes whose entry and exit nodes in relation to you are changing all the time. This makes it extraordinarily difficult to prove you were the source of a resource request on the WWW.

Go to the Tor Browser Bundle webpage and scroll down to find the software for installing on Mac OS X in your preferred language. Download the file, save it somewhere, then follow the instructions.

If it's all a bit too confusing, download the convenient howto video.

Googlesharing

Currently, Googlesharing is in Beta and is only available for Firefox. One solution to the problem of anonymity while searching is to pool queries such that, from Google's perspective, they appear to come from one source. Google Sharing is an excellent plugin for Firefox that provides this functionality. It can also be installed using the Tools->Add-ons interface in Mozilla Firefox.

Anonym

Anonym is a network access anonymizer for Safari. It allows you to hide your IP address when browsing, using FTP or mail servers, using SSH, Telnet, IRC or other network tools. Anonym supports the http, https, ftp, stream, gopher, socks4 and socks5 proxy protocols. It also features a dedicated socks bouncer and a terminal session manager. This tool allows you to connect to remote ssh/telnet/rsh servers using open socks.

Download it here.

SRWare Iron

Chrome allows users to surf in an "Incognito Window" but, if you want to go one step further and make all your movements invisible, you might want to try its non-evil twin Iron, which starts by disabling all of Chrome's conspicuous data-collecting features that feed the biggest search engine on the Internet, and allows you to keep your movements to yourself. Iron is also based on Chromium, so you can use all your favorite Chrome extensions, and it works on all platforms.

Download it here.

HTTPS Everywhere

HTTPS Everywhere is a Web browser extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation that encrypts your communications with many major websites, making your browsing more secure.

Beware though: HTTPS Everywhere can protect you only when you're using sites that support HTTPS and for which HTTPS Everywhere includes a ruleset. If sites you use don't support HTTPS, ask the site operators to add it; only the site operator is able to enable HTTPS. There is more information and instruction on how server operators can do that in the EFF article How to Deploy HTTPS Correctly.

Chrome users can download it here.

Virtual Private Networking

OpenVPN

OpenVPN allows you to create your very own network (like a LAN, with a 'private' IP range) and attach your device to it over the Internet. An 'overlay' network is created using Internet connectivity as its physical layer, and traffic inside your VPN network is securely 'encapsulated'. An OpenVPN server can be used as a 'router' or an 'exit node' (using TOR terminology), allowing you to route your Internet traffic via the server while not exposing your personal IP address.

http://openvpn.net/index.php/open-source/documentation/howto.html Original OpenVPN documentation. Create your own server and connect to it.

Free VPN service providers

http://www.vpnsp.com/free-vpn-trials.html List of free VPN providers.

OpenVPN compatible, free accounts

https://www.privatetunnel.com/index.php Register, confirm via email, go to 'My Account', go to 'Download User Profile', save the .ovpn file (limited to 100 MB -- afterwards: 12 USD for 50 GB).

EMail

Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications.

GPGMail is a popular tool for use with OS X systems. At the time of writing it is not functioning on OS X Mountain Lion.

Windows

Secure Data Transfer

Secure Copy

The Secure Shell (SSH) is a remote shell environment for UNIX and UNIX like machines. Software clients have been written for Windows systems that allow users to make SSH connections with a remote machine. One very useful tool that comes as part of the SSH suite is SCP or Secure Copy.

WinSCP is software that provides this functionality.

SFTP

SFTP is an implementation of the popular File Transfer Protocol (or FTP) that uses Secure Sockets Layer connections (SSL). This creates a secure tunnel between you and the remote machine, in a manner similar to an online-banking site or Google's Gmail. It's worth mentioning that SSL uses certificates for its connections, many of which are developed and sold by companies called Certificate Authorities. These CAs may work with governments to allow interceptors and snoopers to listen in on the communications. For this reason some organisations 'self-sign' their certificates, to be sure that they can't be intercepted by third parties.

We recommend using WinSCP as an SFTP client.

Anonymous Browsing

Tor Browser Bundle

Browsing without your browsing session being recorded and/or studied by unannounced third parties is an increasing issue on the Internet. Some years ago the TOR project was formed, which uses a technique called Onion Routing to route your packets through an international network of TOR nodes whose entry and exit nodes in relation to you are changing all the time. This makes it extraordinarily difficult to prove you were the source of a resource request on the WWW.

Go to the Tor Browser Bundle webpage and scroll down to find the software for installing on Windows in your preferred language.

Download the file and save it somewhere, then follow the instructions.

If it's all a bit too confusing, download the howto video.

Googlesharing

One solution to the problem of anonymity while searching is to pool queries such that, from Google's perspective, they appear to come from one source. Google Sharing is an excellent plugin for Firefox that provides this functionality. It can also be installed using the Tools->Add-ons interface in Mozilla Firefox.

Currently, Googlesharing is in Beta and is only available for Firefox.

SRWare Iron

Chrome allows users to surf in an "Incognito Window" but, if you want to go one step further and make all your movements invisible, you might want to try its non-evil twin Iron, which starts by disabling all of Chrome's conspicuous data-collecting features that feed the biggest search engine on the Internet, and allows you to keep your movements to yourself. Iron is also based on Chromium, so you can use all your favorite Chrome extensions, and it works on all platforms.

Download it here.

Virtual Private Networking

OpenVPN

OpenVPN allows you to create your very own network (like a LAN, with a 'private' IP range) and attach your device to it over the Internet. An 'overlay' network is created using Internet connectivity as its physical layer, and traffic inside your VPN network is securely 'encapsulated'. An OpenVPN server can be used as a 'router' or an 'exit node' (using TOR terminology), allowing you to route your Internet traffic via the server while not exposing your personal IP address.

http://openvpn.net/index.php/open-source/documentation/howto.html Original OpenVPN documentation. Create your own server and connect to it.

Free VPN service providers

http://www.vpnsp.com/free-vpn-trials.html List of free VPN providers.

OpenVPN compatible, free accounts

https://www.privatetunnel.com/index.php Register, confirm via email, go to 'My Account', go to 'Download User Profile', save the .ovpn file (limited to 100 MB -- afterwards: 12 USD for 50 GB).

EMail

Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications.

We recommend the Free Software GPG4WIN for use on Windows systems.

All Browsers

SSL Everywhere

TOR

GoogleSharing for anonymising Google searches

Any cryptostuff that secures communications

Crypto and Anonymity solutions for Smart Phones

Android

Anonymity

Browsing

Browsing without your browsing session being recorded and/or studied by unannounced third parties is an increasing issue on the Internet. Some years ago the TOR project was formed, which uses a technique called Onion Routing to route your packets through an international network of TOR nodes whose entry and exit nodes in relation to you are changing all the time. This makes it extraordinarily difficult to prove you were the source of a resource request on the WWW.

A great TOR client for Android is Orbot. Use it in conjunction with the Proxy Mobile Add-on for anonymised browsing in Firefox on Android.

Searching

Search anonymity is also important, especially when using big centralised services like Google. One solution to this problem is to pool queries such that, from Google's perspective, they appear to come from one source. Google Sharing is an excellent plugin for Firefox that provides this functionality. It can also be installed using the Tools->Add-ons interface in Mozilla Firefox.

Instant Messaging

Encrypted chat sessions are important if you don't want anyone in the room to read, record or modify your messages. The GuardianProject's own Gibber provides strong encryption for chat sessions using Facebook, Google, Jabber or any open-standards chat service. Note that this does not prohibit Google or Facebook from logging your chat sessions, which almost certainly already occurs.

Secure Calls and Chat

Calls

GSM encryption is becoming increasingly easy to break, using tools costing as little as EUR1500. Moreover, even if no one in your vicinity has broken your default GSM encryption, it does not mean that telecommunications providers (or organisations they are cooperating with) cannot listen in on your calls. If you do not want people to be able to listen to and record your private mobile phone conversations, you will need to use end-to-end encryption.

RedPhone, from Whisper Systems, is one solution. CellCrypt is another solution for end-to-end call encryption with a version for Android devices. CellCrypt is not free.

SMS

SMS messages are just as vulnerable to snooping as calls on a GSM encrypted line. TextSecure is a drop-in replacement for the default SMS messaging application on Android.

...

iOS

Secure Calls and Chat

Calls

GSM encryption is becoming increasingly easy to break, using tools costing as little as EUR1500. Moreover, even if no one in your vicinity has broken your default GSM encryption, it does not mean that telecommunications providers (or organisations they are cooperating with) cannot listen in on your calls. If you do not want people to be able to listen to and record your private mobile phone conversations, you will need to use end-to-end encryption.

CellCrypt is a solution for end-to-end call encryption with a version for iOS devices but is expensive.

... ...

Blackberry

...

Windows Mobile

...

Maemo

...

Crypto for Tablets

Android

...

iOS

...

Crypto for other

cryptoparty: CryptoPartyBerlin (last edited 2012-09-28 17:10:56 by cryptoparty)