Jump to content
Not connected, Your IP: 44.206.227.65
Guest Chaf

ANSWERED Privacy - Service & Software suggestions

Recommended Posts

Guest Chaf

Hi ;-)

 

The objective here is to gather AIRVPN like services who fight net neutrality and that are reliable and renowned.

 

Let me begin with a few I actually use: 

 

 

E-Mail Provider

Avoiding Gmail, Yahoo and all seems obvious but who then ?

 

Encryption tool

Truecrypt ? doesn't seem to be maintained anymore and there is a backdoor rumor ...

 

DNS Provider

OpenNic seems to keep no logs for some of their servers and fights for privacy.

 

Search Engine

Ixquick & Startpage (same company) claim to be the most confidential search engine in the world...

 

Any known other user friendly services / softwares you know of ?

 

 

Share this post


Link to post
Guest Chaf

I had the opportunity to try it but compared to startpage it doesn't fetch results from the google database...

Share this post


Link to post

For e-mail, you can open up a Yahoo account over Tor. You just have to ALWAYS login there via Tor or you defeat the entire purpose of having an anonymous account. Using this VPN is a must too, but you'll want Tor over VPN for maximum protection.

 

You can also open up an account over the Tormail hidden service. That's the gold standard for anonymity. You just have to be prepared for outages due to others not liking that service too much

 

As for everyone else, they require identifying info to open up each account. Some disallow Tor for account registration as well. Lavabit has been a long exception to this, but the last time I checked they had suspended registrations due to "abuse". Whatever that means.

 

For whole disk encryption, TrueCrypt remains the standard. The only problem is that it's not totally open source anymore, which makes some people paranoid. An alternative is DiskCryptor, which is completely open source.

 

Ooops.... just forgot to tell you to use PGP every time you want to communicate completely securely with someone else over the inherently insecure method of e-mail. A new alternative to this is Bitmessage, which is supposed to supplant e-mail for secure communications. Usage has increased dramatically over the past couple of months, so it's actually possible that it'll be adopted for this purpose in the future by many more people.

Share this post


Link to post

DuckDuckGo is a meta search engine. If you want only Google results use StartPage. Ixquick gives only non-Google results.

Lavabit servers are in the USA and all the privacy features they advertise are only for paid accounts. They also don't like Tor users.

Tor Mail is the account of choice for those who use hidden services. One of the advantages is that you can never make the mistake of logging in with your real IP. Don't assume that Gmail is more reliable. I once had a Gmail account that got shut down for ToS violation without warning or explanation.

Vmail is based in France. I have never used them so I would be interested in opinions.
https://www.vmail.me/en/

StartMail is by the creators of StartPage and Ixquick. Still in beta. Based in Netherlands like all their services.
https://startmail.com/

An old article comparing DiskCryptor and Truecrypt.
http://www.hacker10.com/encryption-software-2/diskcryptor-vs-truecrypt-comparison/


If you use AirVPN you won't need these...

German Privacy Foundation DNS
http://www.privacyfoundation.de/service/serveruebersicht/

Swiss Privacy Foundation DNS
http://www.privacyfoundation.ch/de/service/server.html

Share this post


Link to post
Guest Chaf

Very interesting feedback...I'm looking into that right away

Share this post


Link to post
Guest Chaf

Some secure alternates are highlighted at http://prism-break.org/

 

Excellent share !! Exactly the kind of information I wanted to gather with this topic ;-)

Share this post


Link to post
E-Mail Provider

Countermail - uses java for webmail but you can use Thunderbird+Enigmail after initial setup. All mail is PGP encrypted.

 

Encryption tool

Truecrypt - released slowly when it's as stable as possible (it is used for whole disc encryption after all). It's open source so check the code for a back door.

 

DNS Provider

OpenDNS

 

Search Engine

DuckDuckGo

Share this post


Link to post
Guest Chaf

I don't know countermail...

A lot talk about PGP or GPG encryption but I hardly come across people using an SSL mail certificate which also works great and is free to have through Comodo...

I personnally use an SSL mail certificate - easier and compatbile out of the box by email client software

 

Truecrypt isn't completely opensource and hasn't been updated for a long time...not sure it has been reviewed by a cryptographer either

DiskCryptor seems to be a more reliable solution from what I see here and there...

One thing is sure about encryption - it is a good way to prevent thefts accessing personal data but is for sure unreliable whatever the program is used to prevent higher authoroties accessing sensible data.

 

Opendns keeps logs and is a fake DNS http://en.kioskea.net/faq/5269-myths-opendns-is-a-fake-dns

Prefer Opennic DNS (Be aware not all opennic servers are anonymous - see this list http://wiki.opennicproject.org/Tier2 )

 

+1 for duckduckgo or startpage or ixquick

Share this post


Link to post

The only way authorities can access encrypted data is by having physical access to your machine, remotely installing a keylogger, exploiting a weak password, installing a hidden camera in your home to watch the monitor, etc., in which case using DiskCryptor will make no difference. I have seen several cases in the US, UK and in my country where TrueCrypt stopped law enforcement dead in their tracks. I have never seen any evidence that TrueCrypt encryption can be broken.

Share this post


Link to post

Hello,

I have just read your postings and feel the need to clarify a point. Neither DiskCryptor nor TrueCrypt use own encryption methods. They use industry standard methods like AES (which implements Rijndael), Twofish or Serpent. So this means that if these encryption methods will be broken then any application that implements them will be broken, regardsless of your application. So it's not about breaking an application, it's about breaking encyrption algorithms. So far noone really knows if they are already broken as nobody claims to have broken them. So we assume they're still save. Speculations will make no sense. The best thing you can do is to avoid the loss of your password. And this password should be long enough to prevent bruteforce attacks from being successful.

Share this post


Link to post

TrueCrypt has been tested in real life powerful attacks and has never been defeated according to available information, remember Operation Satyagraha.

 

http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/

 

About some comments on the thread... the source code of TrueCrypt is available. You can't say it's free, given its license, but the source code is regularly available. Of course obtaining an executable file bit-by-bit identical to the distributed packages is practically impossible, but that's a different problem.

 

Also, it is false that TrueCrypt is not currently developed. Wikipedia has an article which provides a balanced overview on TrueCrypt and includes several, important reference notes:

http://en.wikipedia.org/wiki/Truecrypt#Licensing_and_Open_Source_status

 

Kind regards

Share this post


Link to post
Guest Chaf

For the end user non specialist, in the end it's all about the trust one has in the program he uses...

Share this post


Link to post

For the end user non specialist, in the end it's all about the trust one has in the program he uses...

 

Yes... and here the importance of different, independent from each other peer-reviews by specialists comes into play. Such reviews are sometimes very hard or even impossible to be performed when the source code is not available. Source code of TrueCrypt is available, unfortunately latest versions of TrueCrypt are at the moment missing these reviews, as far as we know.

 

Kind regards

Share this post


Link to post

I don't know countermail...

 

Check them out. You don't *have* to use PGP with everyone, but all your mail is still stored encrypted. They are resistant to PRISM type server compromises. They are a great combo with Air. Not free, but you get what you pay for. I'm just a customer. I use Thunderbird and Enigmail with them.

Share this post


Link to post

Countermail only allows for payment in 3 ways: credit card, Paypal and wire transfer. No bitcoin. So it's far from anonymous. Too bad Liberty Reserve went under. Countermail used to accept LR payments until they were shut down. They still list LR as a payment option on the site. Damn shame.

 

 

I don't know countermail...

 

Check them out. You don't *have* to use PGP with everyone, but all your mail is still stored encrypted. They are resistant to PRISM type server compromises. They are a great combo with Air. Not free, but you get what you pay for. I'm just a customer. I use Thunderbird and Enigmail with them.

 

JD

Share this post


Link to post

thanks really love that prism break website,   considering the way things are going and amount of hysteria going up in the air Its better to protect yourself and always.

 

Keep the tools and suggestions coming ! this threads top!

Share this post


Link to post
Guest Chaf

I recently came accross a post on a forum of someone travelling to Canada who was asked by customs to start his computer in order for them to check if there was illegal content in it. Failing to cooperate if his OS session was password protected or encrypted would of apparently brought him quite some trouble...And as a reminder some countries have laws in which you HAVE TO reveal your password for encrypted data or might face jail time failing to do so...

- I can't find the link of the original thread...sorry -

 

My goal here is not to say/ask if it really happended or debate on it, as it can happen.

 

A few messages back I doubted on the efficiency of Truecrypt compared to Diskcryptor. 

No doubt anymore..Truecrypt has a feature for creating hidden containers that can greatly circumvent the above mentionned situation.

http://www.truecrypt.org/docs/hidden-volume#Y0

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...