Category Archives: Security

Safe and Secure Browsing Through Home Computer

I have found a little OpenSSH switch to be one of my best friends. If I am at a strange client network, cafe, or conference I use “-D” to make me feel warm and fuzzy all over. In OpenSSH if you use this switch you create an SSH SOCKS proxy on the port you specify. Thus encrypting your traffic to the SSH server you specify. In my case I connect to my home computer using a free DYNDNS ( dynamic DNS name mapped to my home computer that stays on.


$ssh -D 6666 username@ip-address-of–your-ssh-server

Then you simply point your browser or other programs like IM to that port (in example 6666) on localhost and you can browse from your home computer free of snooping or any potential malicious users.

Another handy tool is ProxyChains ( which I know works on Linux and might compile for you Mac people too.

Iceland and the New Need for Free Speech and Cryptography

The name Wikileaks has become part of the general vernacular ever since their release of the 91k+ documents related to the US war in Afghanistan.  But another related topic has only been touched upon as a side note to the leakage of these once secret documents.  Iceland has recently only been on people’s minds in relation to the eruption of the Eyjafjallajökull volcano which disrupted a large amount of international travel.  But there is another story coming out of Iceland that has not gotten so much attention.  It is their passing of the Icelandic Modern Media Initiative, which past the Icelandic Parliament unanimously.  The initiative aims to “task the government with finding ways to strengthen freedom of expression around the world and in Iceland, as well as providing strong protections for sources and whistle blowers. To this end the legal environment should be explored in such a way that the goals can be defined, and changes to law or new law proposals can be prepared. The legal environments of other countries should be considered, with the purpose of assembling the best laws to make Iceland a leader of freedoms of expression and information. We also feel it is high time to establish the first Icelandic international prize: The Icelandic Freedom of Expression Award.”

Being form the US I grew up with the impression that the First Amendment allowed people to freely express their much the same things that Iceland is referring to in their bill.  In the years since my childhood I have realized that this is more a concept than a practice put into action.  Late last month the Washington Post released a series of stories called Top Secret America in which they outlined the ever growing privatization of intelligence gathering in the US.  Some 854,000 people hold top secret clearances.  With thousands of companies reaping the billions of dollars spent on post 9/11 intelligence gathering and related activities.  Many of these activities involve intelligence gathering related to Internet and mobile traffic.  The most amazing part of the Post’s series is the utter lack of uproar over the piece.  Other recent news has also alluded to the possibility of private volunteer snoops (Cryptome claims a hoax) monitoring US citizens Internet traffic and is correlated to the arrest of Bradley Manning a former US Army intelligence analyst accused of leaking secret video and documents to Wikileaks.  So you can say what you want but everyone is listening.

I can understand the need for secrecy in military actions and in certain cases to protect the US from hostile forces and groups.  But the fact that the NSA intercepts 1.7 billion emails, phone call, and other electronic communications daily leads me to believe that out of that vast number the majority are just US citizens going about their daily communications.  Another twist in the news is the funding by Google and the CIA of a company called Recorded Future which is a site that monitors thousands of sites like Twitter, Facebook, and numerous others to create relationships which may create a view of the future.  It also allows for relational and temporal mining of an individual as they relate to other people or groups.  This is certainly something that can be of use to intelligence agencies, yet also has a high potential for abuse.

If a person or organization had access to all the traffic coming from your computer (and some do) imagine the picture they can paint when in conjunction with a company like Google that you might use to search for anything of interest to you.  They would know your interests, hobbies, music taste, and most anything about you by creating these relationships.  Even the kind of legal adult content you may view (let’s be honest here).

So how does one protect themselves and their communications from this sort of snooping done by the government, private “hired guns”, and even individuals?


There are many Open Source tools to protect yourself from snooping.  Even an entire cipherspace to use to protect your privacy online.  We will look at a few simple things you can do to protect your communications and Internet browsing.

The first would be GnuPG (Gnu Privacy Guard) which is a cryptographic add-on to allow you to easily encrypt, decrypt, and sign email, chat, and files.  There are numerous front-ends to the program to allow ease of use.  Another good option for Instant Messaging encryption is Off-the-Record which allows you to easily encrypt your IMs through numerous services.  A good client in Pidgin which allows you to use GTalk, Yahoo!, AOL IM, and others in one program to easily encrypt conversations.  In terms of safe web browsing there is Freenet, which allows for an encrypted network to safely browse the Internet.  Tools like Freenet also help to protect people in Internet restrictive countries like China to access information freely and to report on the goings on inside their countries.

Another popular anonymizer is Tor which uses the onion routing concept.

“Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.”

There are numerous other means of protecting ones privacy online that I have yet to touch up and will in more detail in future posts.  The above tools will be a good start to helping you protect your privacy and data.

Update 080620102347: Cryptome has an interesting series on US Government File Spying.  It’s latest in the series has some interesting information.