Privacy Shielding against Mass Surveillance. Note: The above link is a download link to the PDF file (289.3 KB) at Cryptome.org. -- Tom
I think this kind of work, and other efforts such as those by the EFF are very important. Some kind of consensus of what point tools/solutions might work together in practice is great because it will result in better adoption and support of those tools. It seems to me that we "have the technology" in terms of the basic methods, but the implementation and services around that will take time to improve. And the best way of achieving that is getting more people to agree on reasonable tools to use in conjunction with user process, then you have some momentum. I'm very much reminded of the early days in the use of email, there was a chicken and egg thing there; but once you get a critical mass in adoption (say of more secure messaging), then that will snowball. The bigger threat to that is that the social media giants will push their secure-but-not versions of the same thing, which people will mindlessly use, assuming that they are safer.
Paranoid Me I have been visiting cryptome for almost two decades. But won't now. Will get you placed on some list for sure, though I'm probably on those lists already cuz I have in the past for years enjoyed what I believed to be a free, open, non-surveillance state, internet. Too fr^^^^n sad to think about for me atm.
I suppose we could try to organize some viral campaign for every internet user to visit crytptome. That'd fixem
In a way crytptome was a crude early form of Wikileaks type info. The two individuals who started it are to be commended for their courage, skill, knowledge, foresight and awareness.
Good summary, thanks. I personally wonder how many people actually encrypt (not VoIP) phone call. From my understanding, those apps makes sense only when you talk with those who also have that app. I use TextSecure for SMS, but never encountered the same app user. And even if I could use encrypted phone call, some review says it decreases quality of sound, that can be serious issue for me as I have a bit difficulty in correctly recognizing each sounds as a voice. Does anyone actually encrypts your phone call?
Then you've been terrorized. Your not visiting the site because of fear of reprisals (being put on a list) is a successful act of terrorism - plain and simple. Sometimes being on certain lists should be considered a badge of honor.
A group of us at school wrote off for Chairman Mao's little red book from the Chinese Embassy (betraying my vintage there). We were told that it would be noted by the security services. But it was all FUD. If you feel you are in danger because of site visits, then it's time to move countries - not limit the sites you visit. For me, that day seems to be getting rapidly closer. Regarding @yuki's question about encrypting phone calls, no, I don't - because the legal regime for me is actually what I think is acceptable at the moment, because it's not (yet) subject to mass-surveillance (e.g. ASR). Of course, the metadata is, which is what's unacceptable. It's also not technically practical to retain low-latency and anonymity on encrypted calls/Voip, there's no general solution there.
I found Mumble in UDP mode via VPN via Tor to be quite usable. Although the latency is hundreds of msec, in push-to-talk mode that's not an issue. And the sound quality was better than most cellphone calls.
Well, there's no anonymity (or even strong pseudonymity) with voice. So I don't use it in that context.