The point of paranoid behaviour

Published Wed, Jan 20 2010 4:31 PM

As you might have noticed from my earlier posts I like encryption and anonymization.

For instance Mises.org now offer their site in HTTPS (end-to-end encryption). They also run a Tor exit-node on their server, which means you can communicate with it without exiting the anonymous Tor network (if your destination runs an exit node Tor will automatically pick that as your exit).

This is of course very useful for people living in oppressive regimes where they need to circumvent censorship and could get shot for visiting sites like Mises.org. But why should the rest of us bother with solutions like this?

For people in the not quite so oppressed part of the world this appears excessive and paranoid at first glance. However I think there are some strong arguments why we should use these solutions even if we really don't need then ... yet.

Most of this stuff is open-source. The development is driven by the community and more users leads to more programmers and more work hours being put into developing this type of software.
Also the software need to be tested, for this to be possible it often needs to be used on a massive scale. It is difficult to evaluate weaknesses in systems like this when they have very few users.

So what this means is that if we use anonymization and encryption software there will be more of it and it will become more secure and easier to use.

Primarily that is very useful to people living in countries where ideas are far from free. Apart from reasons originating from pure empathy for people living under terror states it will also benefit us if the security threats and trade obstacle these regimes are where to fall to domestic opposition.
Tor for instance has been widely used by insurgents in Iran and helped them coordinate their efforts and spread information.

Secondly you can use this type of software to bypass geo-restrictions on places like YouTube and Hulu.

Finally when the day comes that our ponzi-welfare systems goes bankrupt and our states can no longer rely on bribes to suppress any opposition against it we should also be fortunate that we already have this kind of technology in place to help ourselves.

So what can you do?
The first and easiest step is to use HTTPS where ever possible. Just chance the start of the URL from http:// to https:// and see if it works. Many Google services can be used in HTTPS as well as Facebook.
For Facebook to remain on secure browsing you will need this Firefox add-on: Force-TLS. Just add *.facebook.com there and it will automatically rewrite all Facebook URLs to https://.
You can also use it for other places like Google Reader, e-mail, banks and any place that support https.

Another useful add-on for Firefox is FoxyProxy which can be used with Tor for instance to anonymize browsing on specific sites only.

Finally for Firefox there is FireGPG which is basically a OpenPGP/MIME encryption plugin for GMail. It works seamlessly with any mail client with OpenPGP/MIME support installed. It also makes it alot easier to use clear text encryption then doing it via the clipboard with PGP Desktop Free.

Encrypting instant-messages is still in it's infantile state of development so there you can really help by using it. Look into OTR there are OTR plugins for Pidgin and Miranda IM this far that I know of.

by hkarnoldson
Filed under: , ,