
Contents

1 A Note of Caution
  1.1 Cryptography is Powerful, but not your only line of defense
    1.1.1 Learn and Use
2 Basics first
  2.1 Risk Analysis
  2.2 Kerckhoffs's principle
  2.3 Public Key Cryptography
    2.3.1 Learn and Use
  2.4 SSL
    2.4.1 Learn and Use
  2.5 AES
3 PGP / GPG
  3.1 Install GPG
    3.1.1 PGP Public Keyservers
  3.2 Import our keys
  3.3 Encrypt your message
    3.3.1 Automatic Encryption Using Enigmail/Thunderbird
      3.3.1.1 Learn and Use
    3.3.2 Manual Encryption Using Command Lines/Terminals and GPG
  3.4 Keys
  3.5 Links
  3.6 Learn and Use
4 Verifying Software Downloads & Files: Hashing
  4.1 Microsoft File Checksum Integrity Verifier
  4.2 Hashtab & Hash My Files
  4.3 Checking Hashes on Linux / Mac
  4.4 Checking GPG Digitally Signed Software Package Signatures
5 Disk Encryption
  5.1 TrueCrypt
    5.1.1 Learn and Use
  5.2 FileVault
  5.3 LUKS
  5.4 Tomb
  5.5 Learn and Use
6 Secure Data Deletion
7 Encrypted Mobile Communications
  7.1 Gibberbot
  7.2 TextSecure
  7.3 RedPhone
  7.4 Chatsecure
8 Privacy Protected Browsing
  8.1 Tor
    8.1.1 Learn and Use
  8.2 Tor Browser Bundle
  8.3 Onion browser on iOS
  8.4 Orbot: Tor On Android
  8.5 Orweb: Proxy+Privacy Browser
  8.6 Ghostery
  8.7 Learn and Use
9 Darknets
  9.1 Tor
  9.2 Tribler
  9.3 i2p
  9.4 Freenet
10 Secure Chat
  10.1 Encryption
  10.2 Authentication
  10.3 Deniability
  10.4 Perfect forward secrecy
  10.5 Client support
    10.5.1 Native
    10.5.2 Via plug-in
    10.5.3 Proxy
    10.5.4 Chat Log Files
  10.6 Learn and Use
11 Misc
  11.1 Tahoe LAFS
    11.1.1 Learn and Use
  11.2 Intrusion detection systems
  11.3 IronKey
  11.4 DistrRTgen
12 Software Libraries
13 Operating System and Host Environment
  13.1 Home directory encryption
  13.2 Full Disk Encryption
    13.2.1 See also
  13.3 Operating Systems
    13.3.1 Tails Linux: The Amnesic Incognito Live System
    13.3.2 Liberté Linux
    13.3.3 Whonix
14 E-mail
  14.1 Website Emailers
    14.1.1 SSL-enabled services
    14.1.2 Non-SSL services
  14.2 Encrypted Dropboxes
    14.2.1 Privacybox.de
15 Data Liberation
  15.1 Learn and Use
16 Virtual Private Networks (VPNs)
  16.1 Microsoft PPTP
    16.1.1 Microsoft PPTP Problems
  16.2 OpenVPN
  16.3 VPN in meatspace
  16.4 SSH
  16.5 External VPN guides/links:
  16.6 Learn and Use
17 Bitcoin
  17.1 Learn and Use
18 RFID
19 Remote Desktop software
  19.1 Microsoft RDP
  19.2 Apple Remote Desktop ARD
20 Voice over IP
  20.1 Learn and Use
21 Mobile Phones / Smartphones
22 Counter-Surveillance
  22.1 Learn and Use
23 Legal Issues
  23.1 Australia
  23.2 European Union
    23.2.1 Ireland
      23.2.1.1 Decryption Laws
    23.2.2 United Kingdom
  23.3 United States
24 Organizations and Legal Support
  24.1 Electronic Frontier Foundation
25 Courses and Education
26 Where to go for more information
27 Some Relevant Quotes from Twitter and Elsewhere
  27.1 Security Humour

A Note of Caution: Please only add resources and tools to this page. Inasmuch as anyone can edit this wiki, some skepticism is warranted: crowd-sourcing has the defects of its virtues! For good, concrete, peer-reviewed advice, we recommend the Electronic Frontier Foundation's tutorials at https://ssd.eff.org/

That said, your privacy is already more configurable than you might think...

Cryptography is Powerful, but not your only line of defense

The theory behind cryptography is solid and proven, but solid crypto will fail if:

Implemented incorrectly - if the tool claims to have certain crypto implemented, they may be truthful but the implementation may be unsound. Try to use the tools that have a large user base and large communities - they are generally safer (but not always).

Misused - encrypted a file but didn't secure-delete the plain-text? Initiated an SSL tunnel but didn't verify the remote certificate? Used top notch crypto software but didn't protect the OS or the physical computer? It is so easy to make mistakes; doing it right requires consistency, vigilance, and a modicum of paranoia.

Assume that you do not know, learn all you can, then use. Carefully. Mistakes may render your state-of-the-art crypto useless against a knowledgeable adversary.

Why is cryptography dangerous? Because it can give you a false sense of security. Come to a crypto-party and talk to experts, learn from each other, and continue to learn over time. Take responsibility for your communication, privacy, and security.

Don't let anyone scare you out of experimenting and implementing crypto, but please be aware it takes time and effort to learn that crypto is necessary, but not sufficient; it is not a panacea.

Learn and Use

Video: Encrypt to Live from Cryptoparty Boston (Andrew) via @torproject

Basics first

Risk Analysis

Committee to Protect Journalists Journalists Security Guide - Information Security by Danny O'Brien - hopefully a CryptoParty will clearly explain most of the software and techniques mentioned in this guide.

Your emphasis should be on simplicity. There's no point in surrounding yourself with computer security that you don't use, or that fails to address a weaker link elsewhere. Take advantage of what you know well: the people who are most likely to take offense or otherwise target your work, and what they may be seeking to obtain or disrupt. Use that knowledge to determine what you need to protect and how.

Ask yourself:

What information should I protect?
What data is valuable to me or a potential adversary? It might not be what you think of at first. Many journalists feel that what they are doing is largely transparent, and that they have nothing to hide. But think about the dangers to sources if the information they have provided to you was more widely known. What may seem innocuous personal information to you might be incriminatory to others.

Kerckhoffs's principle

Kerckhoffs's principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.

This principle should apply to all of the tools and resources mentioned on this page.

Public Key Cryptography

Public Key Cryptography has only become practical with the use of computers. It offers a mathematically secure way of sending encrypted messages or files between computers and their users, without necessarily having to set up a separate Secure Channel, e.g. a face to face meeting, to agree upon or exchange the secret key to the cryptographic algorithm they are using to protect the privacy of the message or data from snoopers.

Public Key Cryptography also offers a method of detecting attempts at forgery through the use of Digital Signatures.

Learn and Use

BBC science presenter Dr Yan Wong explains (without mathematics) the principle of how Alice and Bob can use "digital padlocks" to protect their messages from being read by Ed the eavesdropper - Public Key Encryption video clip (3 minutes)

There is an excellent visual explanation of Diffie-Hellman key exchange on YouTube.

SSL

Secure Socket Layer is a multi-cypher protocol used to create an encrypted connection across the internet from your device to a destination server; it is widely used in commercial applications. SSL is the precursor to Transport Layer Security (TLS); many systems which actually use TLS anachronistically claim that they are using SSL, inasmuch as that name is far more widely known.

Website links which begin with https:// signify the use of SSL or TLS encrypted sessions.

Check how well a public internet webserver is configured for SSL / TLS via the Qualys SSL Labs Server Test.

By default most webserver configurations allow old protocols and weak cryptographic ciphers. See the Server side security tweaks page for how this was improved for this website https://CryptoParty.org running on an Apache webserver.

The Qualys SSL Labs Server Test score for CryptoParty.org of "A" 85 is now as good as most internet banking websites etc.

For Microsoft IIS 7.x on Windows 2008 or IIS 6.x on Windows 2003, the free Nartac Software IISCrypto tool will allow you to conveniently disable the weak SSL ver 2 protocol and to pick and order the Cipher Suites, to ignore weak 40 bit and 56 bit key lengths and to include the RC4 algorithm to resist the BEAST man-in-the-middle attack, without having to wade through the complexities of various Registry Keys etc.

Adding the HTTP Strict Transport Security header allows the latest versions of browsers like Google Chrome to always choose the SSL encrypted version of a website, again to resist man-in-the-middle attacks:

Windows 2008 IIS 7.x
Windows 2003 IIS 6.x
Apache Server side security tweaks

The Digital Certificate Fingerprints for https://CryptoParty.org are:

Serial No: 0008 35C2
SHA1: 13:10:16:5D:8E:19:3F:E9:58:A0:A5:D0:38:B1:BB:59:C8:75:B2:2C
MD5: EF:07:FB:C6:AF:D9:CC:25:72:43:0A:05:B4:AB:14:65

You can choose to trust the colour changes in your web browser navigation bar or other symbols and the lack of pop up warning messages, that signify a "good" SSL / TLS encrypted session connection to the website.
Alternatively, you can check these Cryptographic Hash Fingerprints manually each time you visit this website, e.g. in Firefox on a Windows computer, right mouse click on the web page / View Page Info / Security / View Certificate.

If they do not match what you are expecting, do not enter any sensitive data into any web form, e.g. a login username or password or your credit card details, without checking further.

You can also make use of, say, a Firefox web browser addon like Certificate Patrol, which will notify you if the current Digital Certificate has changed since the previous time you visited the website - this may be indicative of a man-in-the-middle hijack attempt or it may be a normal rotation due to certificate expiry or load balancing between different computers on high volume websites.

Using SSL by no means guarantees that your connection is "secure". It only indicates that the connection is encrypted between you and the server, and, if the certificate system behind it is not manipulated (which has happened in the past), that the remote server is what it claims it is. The use of SSL does not imply that the remote web site is secure (or that your computer is secure).

"Using SSL to deliver data between a desktop PC and a typical website is like using an armored car to deliver money from your sock drawer to a paper bag taped under a park bench." -- Alan Batie (whoever that is).

Learn and Use

Video: "SSL and Authentication" from Boston Cryptoparty (John) via @torproject

AES

The Advanced Encryption Standard is a popular symmetric cypher. This means that the key used to encrypt the information is the same as the key to decrypt it. AES is a standard form of encryption for governments and large organisations, and has formed the basis for many other derivative cryptosystems (such as PGP, as discussed below).

Symmetric ciphers such as AES are useful because they are fast, reliable and non specific.
A file encrypted via AES can be shared widely and decrypted by everyone with the same key. This is in stark contrast to public-key encryption methods, where encryption is targeted to the owner of a private key only. A real-world example of this approach is the distribution by Wikileaks of an "insurance" file, which appears to be AES encrypted. The distribution of this file means that Wikileaks have leverage over more powerful enemies, as they can release a small key to unlock a large, and presumably high-impact, file.

It is normal for public-key (asymmetric) and symmetric cipher methods to be combined to take advantage of the strengths of both. In the popular PGP encryption format, a message or file is encrypted first with a symmetric cipher (usually AES), and the AES encryption key is then encrypted with the recipients' public keys. The encrypted AES key for each recipient is then attached to the message and the entire block can be sent. Because AES is faster at encrypting and decrypting large files or bodies of text, this saves considerable time and bandwidth compared to encrypting entire messages with public keys and distributing a different copy of the message to each recipient. For recipients, only the AES key needs to be decrypted with the private key, saving time, and the rest can be decrypted with AES, a faster cipher.

Ciphers such as AES are often also used for session encryption between clients or servers, using a similar format: first, a session key is sent via asymmetric/public-key methods, and this is thereafter used by both parties (as a "shared secret") to encrypt and decrypt communications. Again, this saves considerable bandwidth and time over public-key encrypting every communication sent.

PGP / GPG

Pretty Good Privacy is a data encryption and decryption computer program. PGP is often used for signing, encrypting and decrypting texts, e-mails, files, directories, and disk partitions to increase the security of e-mail communications. It was created by Phil Zimmermann in 1991.
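
The hybrid scheme described in the AES section above, where one symmetric session key encrypts the message and is then encrypted separately under each recipient's public key, shown here with the openssl command-line tool. This is an added example, not part of the original wiki page, and its output is not OpenPGP format; the function names, the file layout and the recipients alice, bob and eve are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration (not from the original page): hybrid encryption with the
# openssl CLI. One random session key encrypts the message with AES; that key
# is then encrypted once per recipient with the recipient's RSA public key.
# File and recipient names are assumptions. The output is NOT OpenPGP format
# and `openssl enc` adds no integrity check, so use GPG for real messages.

# make_keypair NAME DIR  ->  DIR/NAME.key (private) and DIR/NAME.pub (public)
make_keypair() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$2/$1.key" 2>/dev/null &&
    openssl pkey -in "$2/$1.key" -pubout -out "$2/$1.pub"
}

# hybrid_encrypt PLAINTEXT_FILE OUT_DIR PUBKEY_FILE...
# Writes OUT_DIR/message.enc plus one OUT_DIR/<recipient>.wrapped per key.
hybrid_encrypt() {
    he_in=$1; he_out=$2; shift 2
    mkdir -p "$he_out" || return 1
    he_sk=$(mktemp) || return 1
    # 256 bits of randomness, hex-encoded so it is safe as a one-line secret.
    openssl rand -hex 32 > "$he_sk" &&
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$he_sk" \
        -in "$he_in" -out "$he_out/message.enc" || { rm -f "$he_sk"; return 1; }
    for he_pub in "$@"; do
        # Only this small key file goes through the slow public-key operation.
        openssl pkeyutl -encrypt -pubin -inkey "$he_pub" \
            -pkeyopt rsa_padding_mode:oaep -in "$he_sk" \
            -out "$he_out/$(basename "$he_pub" .pub).wrapped" ||
            { rm -f "$he_sk"; return 1; }
    done
    rm -f "$he_sk"
}

# hybrid_decrypt OUT_DIR PRIVKEY_FILE  ->  plaintext on stdout
hybrid_decrypt() {
    hd_sk=$(mktemp) || return 1
    hd_rc=0
    # Step 1: private key recovers the session key. Step 2: AES does the rest.
    openssl pkeyutl -decrypt -inkey "$2" -pkeyopt rsa_padding_mode:oaep \
        -in "$1/$(basename "$2" .key).wrapped" -out "$hd_sk" 2>/dev/null &&
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$hd_sk" \
        -in "$1/message.enc" || hd_rc=1
    rm -f "$hd_sk"
    return "$hd_rc"
}

# demo: constructed message, two recipients, and one outsider.
demo() {
    d=$(mktemp -d) || return 1
    for who in alice bob eve; do make_keypair "$who" "$d" || return 1; done
    printf 'Meet at the usual place at noon.\n' > "$d/msg.txt"  # constructed sample
    hybrid_encrypt "$d/msg.txt" "$d/out" "$d/alice.pub" "$d/bob.pub" || return 1
    echo "alice reads: $(hybrid_decrypt "$d/out" "$d/alice.key")"
    echo "bob reads:   $(hybrid_decrypt "$d/out" "$d/bob.key")"
    # Eve holds a copy of Alice's wrapped key but not Alice's private key.
    cp "$d/out/alice.wrapped" "$d/out/eve.wrapped"
    if hybrid_decrypt "$d/out" "$d/eve.key" >/dev/null 2>&1; then
        echo "eve reads the message (unexpected)"; rm -rf "$d"; return 1
    fi
    echo "eve cannot unwrap the session key"
    rm -rf "$d"
}
```

Calling demo shows that message.enc is produced once, while each recipient gets only a small wrapped copy of the session key.
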
Its variant GNU Privacy Guard is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems. A part of the Free Software Foundation's GNU software project, GnuPG has also received major funding from the German government.

Seemingly in order to remain interoperable with older, possibly proprietary software, GnuPG still allows signatures using insecure hashes like SHA-1. If you don't know what this means, suffice to say it's a bad idea. There are instructions here detailing how to fix this after installing GPG, so that only secure hashes are used; this protects you from others falsifying messages in your name, and is definitely worth doing if you use any software that uses GPG, like Enigmail. The Android port of GnuPG, APG (below), does not seem to use outdated message hashes and needs no further tweaking to use securely (provided you trust the channel through which you received APG, like the Android Play Market).

Multiple Operating Systems - GNU Privacy Guard
Apple Macintosh - GPG Tools
Microsoft Windows - GPG4Win
Android - APG Android Privacy Guard
iOS - oPenGP
Enigmail plugin for Mozilla Thunderbird email - Enigmail

Install GPG

GNU Privacy Guard, or GnuPG/GPG for short, is an open source, feature rich implementation of the popular and well-trusted OpenPGP standard for public-key encryption. This is the form of encryption most often used for email between individuals, and can be used to sign, verify, encrypt and decrypt anything from email messages to files.

GPG is highly recommended, but the default settings are designed to be backwards compatible with slower-moving proprietary software, and use some insecure settings that should (by now) be phased out entirely. This backwards compatibility is not necessary for Cryptopartiers, who are all hip, awesome people using the latest in open-source cryptography.

Chief among the problems is the default usage of the SHA-1 hash family, which is by now known to be insecure and can lead to signature falsification, allowing an attacker to make it seem as if you have personally signed and attested to the contents of an arbitrary, perhaps malicious, message or program. A good guide for how to migrate an installed copy of GPG to more secure modern settings is here (for Linux users). It shouldn't take more than a minute in the Terminal to perform these changes, and it will vastly improve the security of your GPG encrypted messages (this includes messages encrypted with GPG-based crypto suites like Enigmail in Thunderbird).

It is absolutely vital that you cryptographically verify the version of GPG that you install.

On GNU/Linux systems, the package manager does this for you. You don't need to worry about it.

On Windows and Mac, you very likely need to download something from a website; see the #Links section. Make sure that the web address you download it from is HTTPS, not HTTP.

Many websites provide cryptographic checksums that the more technically-inclined can use to verify their downloads. However, in many cases this information is provided via HTTP, which is not secure. If you decide to go down this route, make sure that you get your checksums in a secure way as well! For example, use HTTPS instead of HTTP, if possible.

PGP Public Keyservers

PGP Public Keyservers are central directories of published PGP / GPG Public Keys.

They are useful for finding a backup copy of a PGP Public Key, especially if your main website is under DDoS or attack or has been seized by the authorities. They should not be relied on as the only method of distributing such keys, especially since anybody can upload a plausible looking PGP Key.

Because of this threat of key falsification, keys on keyservers are often identified by their "Fingerprint", or "ID". A key fingerprint is a truncated hash of the public key, and is considered unique enough to be used in verification of the key. This is only useful if you know the fingerprint/id of the recipient's true key when searching for it, and the fingerprint must also be verified after downloading and importing the key into the appropriate software. Most good key management software will list the key fingerprint/id next to imported keys, allowing easy verification against the fingerprint given by the recipient.

Many Public PGP Keyservers are networked together, so a PGP / GPG Public Key submitted to one of them will eventually be published on several (but not all) of them automatically. This is in keeping with the popular mindset that a public key is better off very public, so that if someone seeks a key for a recipient, they are more likely to encounter the legitimate key, rather than a potentially false key. At worst, then, they will encounter two keys, and be inspired to verify which one is correct.

http://pgp.mit.edu/
http://pgp.uni-mainz.de
http://keyserver2.pgp.com/
http://keyserver.ubuntu.com/
http://pool.sks-keyservers.net/
Play the 6 degrees of key separation http://pgp.cs.uu.nl/

Import our keys

Before sending us email for the first time, you need to import our keys. You only need to do this once per email address (per computer that you wish to use to do the encryption).

Windows

16.1 Key server configuration: select OpenPGP, then keep the default server (hkp://keys.gnupg.net) and save without making further changes. You only need to do this once per installation; you can skip it for any other future keys that you need to import.
16.2 Search and import certificates from certificate servers: use the appropriate email address from #Keys

11 Certificate inspection: the appropriate fingerprint is given in #Keys

Mac OS X

Follow the same instructions as for GNU/Linux below. Type each command into a Terminal window (/Applications/Utilities/Terminal), then hit Return. (The dollar sign represents the command prompt you'll see at the beginning of any command line: don't type it in.) If you need further instructions on using the Terminal, see the Help menu, this O'Reilly intro or Google.

GNU/Linux

Import from a keyserver:

    $ gpg --search-keys --keyserver pgp.mit.edu OUR_EMAIL_ADDRESS

You may get asked to "Enter number(s), N)ext, or Q)uit >". Usually this means press 1 and enter - i.e. the first key found, which should also be the only key found.

Encrypt your message

Please only encrypt plain text. Some of the methods here may not work with other formats, and it's safer for us too. This means that if your email client allows you to use graphical smileyfaces, bold/italic/other fonts, and other pretty text features, it's probably best not to use these, and to try to switch your email compose window to "plain text" rather than HTML if you can find a setting to do so. In Thunderbird, the setting is found in the "Account Settings" Dialog, found in the "Edit" menu: go to the "Composition and Addressing" tab of the desired account, and uncheck "Compose Messages in HTML Format".

Email encryption is primarily a way to prevent people between sender and recipient from reading the mail. However, you may also be concerned about people accessing your personal computer, either by hacking into it from a network or by physically seizing the computer from you and forcing you to decrypt the contents (assuming they are encrypted at all). If you're concerned that this might happen, then don't keep copies of any important emails you send or receive in plain-text. If drafting an email, do so in a program like gedit (Linux) or Notepad (Windows), don't save the file at any time, and copy/paste the text directly into the encryption scheme you plan to use. Also, remember to turn off message draft autosaving, which in many cases uploads a copy of your draft, unencrypted, to the central email server, defeating the purpose of encryption entirely.

In all cases, email Subject: lines are NOT encrypted. Don't put sensitive information there. If you don't even want to reveal your email address, get a friend to send it.

If you know how to, please cryptographically sign your message as well! This will assure us that your message was truly written by you, and not forged. But this has the effect of revealing your identity as well, so it's up to you.

Automatic Encryption Using Enigmail/Thunderbird

Enigmail is a "frontend" for GnuPG that offers a nice plugin-like interface for Thunderbird. When configured correctly, it removes much of the work/hassle of encrypting email to supported recipients (i.e. those with keypairs), and allows you to get back to the business of communicating with a reasonable degree of security in mind.

However, Enigmail has a number of gotchas that need to be considered when setting it up. For example, you need to set Enigmail to automatically encrypt email to recipients whose email addresses have matching public keys in the local key store; otherwise it may leave it up to you to remember to check "encrypt" in the compose window, which is easy to forget. You can also set up Enigmail to automatically sign all outgoing email, or only to sign when also encrypting; this is up to you.

Enigmail's security is dependent on GPG itself, and so you need to ensure your GPG installation is secure; see above for information on this process, which (at present) includes changing some settings through the command line/terminal; sorry to new users, this is seemingly the fault of the prevalent distributors of GPG for not updating the software to match changing security threats, and can't be helped.

One key consideration when setting up Enigmail is to change the settings of the email client itself, to turn off drafts. This is because the norm for remote email management these days is "IMAP", a system that works through synchronising remote mail folders with the local client and vice versa. In other words, when your email client automatically saves a draft of an email you are composing to a "drafts" folder (even one you think you've only made locally), odds are it's uploading that unencrypted draft directly to the server. So, by simply turning off automatic message drafting in Thunderbird, you improve your privacy and allow Enigmail to act as gatekeeper between you and the mail server. You'll find the appropriate setting in "Thunderbird Settings"->Composition->General->"Auto-save every XX Minutes". Just uncheck the option; the number of minutes is then irrelevant.

Learn and Use

Slides: "Encrypting Email with PGP/Enigmail/Thunderbird" from CryptoParty London

Manual Encryption Using Command Lines/Terminals and GPG

Assuming that you are not using a graphical interface to GnuPG such as Enigmail (for the Thunderbird email client), you can use GPG in the Terminal or a Windows command line, to manually encrypt your files or to run combinations of GPG commands as scripts or batch files.

Windows

12 Encrypting e-mails: should be fairly self-explanatory. Make sure you have already imported the right key; see previous section.

N.B. even experienced users make mistakes with the Windows command line, especially as some GPG options use double dashes -- and others just single ones.

    C:\Users\CryptoParty> gpg -? | more

will display the available options, one page at a time.

Mac OS X

Follow the same instructions as for GNU/Linux below. Type each command into a Terminal window (/Applications/Utilities/Terminal), then hit Return. (The dollar sign represents the command prompt you'll see at the beginning of any command line: don't type it in.) If you need further instructions on using the Terminal, see the Help menu, this O'Reilly intro or Google.

GNU/Linux

The best way is to run:

    $ gpg -ae -r OUR_EMAIL_ADDRESS > OUTPUT_FILE

Start typing your message. (Or right-click and "Paste" from the clipboard.) When you are done, press Ctrl-D and the program will exit. You will find the encrypted form of your message in OUTPUT_FILE.

Alternatively, you can draft the message on your computer (we prefer .txt plain text files), then run this:

    $ gpg -ae -r OUR_EMAIL_ADDRESS INPUT_FILE

This will produce an encrypted form of INPUT_FILE in INPUT_FILE.asc. Be careful though, the unencrypted form still exists in INPUT_FILE. If you want to delete this (i.e. if you are concerned that someone may access your local file system without your permission), you can securely delete this file in Linux with the shred command, like so (the -u option in shred means "remove the file after you shred it"; otherwise, the file remains as a shredded bunch of random 1s and 0s):

    $ shred -u INPUT_FILE

N.B. shred does not necessarily destroy the data on, say, a journalling file system (e.g. OSX) or on many USB flash memory devices which use wear-leveling algorithms. See the Resources section on Securely Deleting data.

Keys

Example: foo@bar.com
Fingerprint: 62FE 7D6C A74F A35D A61C 63DD 0EBC 8BDB 31DE 7EF1

The last 8 characters of the PGP / GPG Fingerprint are often published or displayed as the PGP Key ID, e.g. 31DE7EF1, which is usually enough to distinguish between entries listed on a PGP Key Server. For no human friendly reason at all, some software insists on a prefix of 0x, presumably to signify hexadecimal data, like this: 0x31DE7EF1

Links

GPG home page
Source of this Howto on OccupyWiki.org
GPG for Windows

SHA1 checksum is f619313cb42241d6837d20d24a814b81a1fe7f6d
SHA256 checksum is c8e1a45996456575649060a2fe17d1fc0e4d54d588636d3da743b11b2b9a44be
direct insecure HTTP download link
We are hosting this via HTTPS as well.

GPGTools for Mac OSX
HTTPS download page - you want to pick the topmost one that ends with ".dmg" and not ".dmg.sig".

Mailing lists

gnupg-users list
Enigmail users list
PGPNET PGP/in-line discussion, encrypted list with any topic for discussion, messages to list use PGP/in-line only.
PGPMIMENET PGP/MIME discussion, encrypted list with any topic for discussion, messages to list use PGP/MIME only.

Learn and Use

Video: "PGP/GnuPG Key Generation and Use" from Boston Cryptoparty (Ross and Kevin) via @torproject

Verifying Software Downloads & Files: Hashing

The main purpose of file hashing in the context of crypto is to ensure that a) the file you've downloaded has not been corrupted during transfer and b) the file you have downloaded has not been tampered with by, for example, a threat agent wishing to eavesdrop on your activities. File hashing also makes it easier to verify that one has a particular file in one's possession by not having to make the file available, only the hash; comparing the hashes is sufficient to prove authenticity and possession.

A 'hash' is a unique number generated using a published algorithm on a particular file. For example, if I have file1.txt, which has no text in it, and I run it through a hashing (formally, a message digest) algorithm, I will get mathematical_value_1. If I then add text to the file, it has now changed and if I hash it again I will get a different result, mathematical_value_2.

Hashing, which can use a variety of methods, such as MD5 and SHA1, is commonly used to compare two files to see if they are the same. So if you want to download a file from the Interwebbytubes and a hash is provided, after you download it you can hash it, compare the two values and be certain that the file is complete, uncorrupted and unchanged.

A secure hash is a hash algorithm where it is thought to be nigh-impossible to design an input to get a desired hash output, and it is therefore nigh-impossible to generate what is known as a hash collision between an authentic copy of an input and a modified form. As an example: if one were to offer you a piece of software that was signed using an insecure hash (such as MD5), it would be easy for a malicious agent between you and the server to provide malicious software with a colliding hash; that is, the hash of the authentic and malicious software is the same, so the signature seems to verify that the malicious software is legitimate according to the developer.

By contrast, a secure hashing function such as one of the SHA-2 family of functions is, so far, thought to be resistant to collisions and therefore is computationally impractical to use for this sort of attack. An attacker would have to expend unreasonable (read: hundreds of years of computer processing) computational power to find a variant of their malicious code that generated a matching hash to one which the developer has signed.

Bottom Line: Demand SHA-2 (i.e. SHA-224, SHA-256, SHA-384, SHA-512) or better. SHA-1 hashes aren't entirely trustworthy anymore, and MD5 sums are entirely insecure, only useful for verifying unimportant downloads (which are seldom important enough to hash-check in the first place).

Microsoft File Checksum Integrity Verifier

WARNING: this is closed source software, developers cannot see the source code, but that should not matter too much, if it verifies the same checksums as other software does.
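
The check this section describes (hash the file you downloaded, compare the result with the value the publisher gives, and insist on SHA-2), written as POSIX shell functions. This is an added example, not part of the original wiki page; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added illustration (not from the original page): check a download against a
# published SHA-256 value. Function names are assumptions for this example.

# sha256_of FILE -> lowercase hex digest on stdout, using whichever tool is
# installed (sha256sum on most Linux systems, shasum on Mac OS X).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 < "$1" | cut -d' ' -f1
    else
        echo "no SHA-256 tool found" >&2; return 2
    fi
}

# normalize_hex STRING -> hex digits only, lowercased. Published values are
# often line-wrapped, spaced in groups, colon-separated or upper-case.
normalize_hex() {
    printf '%s' "$1" | tr -d ' \t\r\n:' | tr 'ABCDEF' 'abcdef'
}

# verify_download FILE PUBLISHED_SHA256
# returns 0 = match, 1 = mismatch (treat the file as compromised),
#         2 = check could not be done (bad input, weak digest, missing tool)
verify_download() {
    vd_want=$(normalize_hex "$2")
    case $vd_want in
        ''|*[!0-9a-f]*) echo "published value is not hexadecimal" >&2; return 2 ;;
    esac
    # 32 hex digits is MD5 and 40 is SHA-1; accept only a full SHA-256 value.
    if [ "${#vd_want}" -ne 64 ]; then
        echo "expected 64 hex digits (SHA-256), got ${#vd_want}" >&2
        return 2
    fi
    [ -r "$1" ] && [ -f "$1" ] || { echo "cannot read $1" >&2; return 2; }
    vd_got=$(sha256_of "$1") || return 2
    if [ "$vd_got" = "$vd_want" ]; then
        echo "OK: $1"
        return 0
    fi
    echo "MISMATCH: $1" >&2
    echo "  published: $vd_want" >&2
    echo "  computed:  $vd_got" >&2
    return 1
}

# demo: constructed sample file containing the three bytes "abc", whose
# SHA-256 is a standard test value; the second call runs after tampering.
demo() {
    f=$(mktemp) || return 1
    abc='BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD'
    printf 'abc' > "$f"
    verify_download "$f" "$abc"
    printf ' plus one extra line' >> "$f"
    verify_download "$f" "$abc" || echo "exit status after tampering: $?"
    rm -f "$f"
}
```

Fetch the published value over HTTPS, as the Install GPG section advises, before passing it to verify_download.
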

Microsoft File Checksum Integrity Verifier: use this tool to compare the checksum of the tool you've downloaded with the publisher's checksum. If the two values do not match then the tool should be treated as compromised.

Hashtab & Hash My Files

Two other useful utilities are HashTab and Hash My Files. These utilities add extra tabs to the file properties windows as well as an automated hash verification function. Hash My Files also allows the user to compute and store message digests for every file on a system to detect whether or not they have changed (and possibly been tampered with).

WARNING: these are also closed source software, so developers cannot see the source code, but that should not matter too much, if they verify the same checksums as other software does.

Checking Hashes on Linux / Mac

sha1sum and md5sum are included in most Unix/Linux based operating systems (including MacOSX). To use, go to 'Terminal' in Applications>Utilities, navigate to the file you wish to use and type 'md5sum <filename>' where 'filename' is the filename, to get the md5sum. Compare with expected values from the site you downloaded from.

Checking GPG Digitally Signed Software Package Signatures

The Tor Project has a clear example of how and why you should check the integrity of their software packages, which have been signed using GPG Digital Signatures.

How to verify signatures for packages

It is worth noting that one (possibly more) individuals on the Internet have set up slightly dodgy Tor Browser Bundle look- and sound-alike projects on Sourceforge under usernames that are easy to mistake for those of known Tor Project members. Beginning of discussion thread.

Disk Encryption

TrueCrypt

TrueCrypt is an on-the-fly disk encryption system. The software is freely available, runs on multiple operating systems, and is very easy to learn how to use. TrueCrypt also plays nicely with dual-boot systems (such as Windows and Linux).
TrueCrypt options include either full disk encryption or the creation of cryptographic container files, which mount as additional drive volumes. These functions are by no means mutually exclusive. By default such encrypted volumes automatically dismount themselves, e.g. when your screensaver kicks in or your laptop computer goes into power saving sleep mode, and so on.

TrueCrypt can also be used to encrypt USB flash memory sticks or digital camera or mobile phone memory cards. The caveat is that it is almost impossible to guarantee to securely wipe or overwrite the data from these devices due to their wear leveling algorithms. Therefore you should use a fresh USB device to re-encrypt the data with a new secret key.

TrueCrypt also includes a few options which theoretically provide plausible deniability to the user (not to be recommended if you are seriously in danger of rubber hose cryptanalysis, since your torturers will not necessarily believe you that there are no more hidden partitions apart from the ones you have already revealed to them). That said, as of 2008-2009 neither the Brazilian National Institute of Criminology (NIC) nor the American Federal Bureau of Investigation (FBI) have been able to crack several hard drives seized from Brazilian banker Dantas, who was suspected of financial crime. Furthermore, in 2012 the 11th Circuit Court of Appeals ruled that a John Doe TrueCrypt user could not be compelled (due to Fifth Amendment concerns) to decrypt several of his hard drives.[1][2]

Learn and Use

Slides: "Disk Encryption (TrueCrypt)" from CryptoParty London
Video: "Truecrypt" from CryptoParty Boston (Kevin) via @torproject

FileVault

Since version 10.6 of Mac OS X, Apple have offered users the ability to encrypt the home directory of their system. And from 10.7 onwards, Full Disk Encryption has been an option (technically referred to as FileVault 2). Enabling FileVault requires the user to have admin privileges on the computer, and will prompt the user to restart. At the next boot, as soon as the user logs in, FileVault will start doing online encryption of the main system drive. Other drives connected to the computer can also be encrypted by selecting them in Finder and choosing "Encrypt" from the File menu.

When enabling FileVault, in addition to admin users being able to unlock the drive at login, a Recovery Key is also generated, with the option of escrowing this key with Apple. If you choose to do that, you'll have to provide various additional security questions/answers along with your Apple ID.

Given the ease of use of FileVault, it should be almost the first thing you enable on setting up a new Mac. Unfortunately, it doesn't currently work on RAID drives.

A detailed analysis of the internal workings of FileVault can be found in Infiltrate the Vault, and additional deployment reading can be found at Apple's Best Practices. (Note the invalid certificate on that web server: even big companies find it hard to keep all their certificates straight!)

LUKS

LUKS is the Linux system for encrypted disks. It can be selected as an install option on most distributions. (Available in Ubuntu as of version 12.10). This is so-called "full disk encryption" - the system prompts for a password at boot, and if you don't have it, you can't get anything from the hard drives. For Debian or Ubuntu-based servers which need unattended reboots, there's a program called Mandos.

Tomb

To find out about Tomb read this and this

Learn and Use

"The Dog Ate My Crypto Keys" (Whole-Disk Encryption) from CryptoParty London
Video: "Truecrypt/LUKS, OTR, Secure VoIP/SIP w/ Jitsi, Bitcoin & data liberation" from CryptoParty Boston (@ageis)

Secure Data Deletion

As technology progresses, it is getting harder to Securely Delete sensitive data such as log on credentials or cryptographic keys etc.

Suppose that you wish to destroy a copy of the sensitive documents or emails or logfiles etc. that you have on a particular computer. Doing so quickly enough, when your enemies are battering down your door, is almost impossible, because the data storage capacity of modern hard disks is huge.

This is one of the advantages of using Encrypted Container Files or Whole Disk Encryption - only a small Cryptographic Keyring needs to be securely deleted or physically removed and destroyed, to leave the bulk of the encrypted data unrecoverable forensically.

It can take hours or days or weeks to overwrite the multi-Terabyte sized hard disks which are common today with multiple passes of random data, as specified in many outdated military and government standards.

Eraser - open source secure deletion software for Windows, which helpfully also lists many of these standards.

Exactly the same problem of the length of time it takes to erase a big hard disk, with multiple passes, is faced by users of dban or built in Linux utilities like shred.

Apple Macintosh OSX users also have some Secure Erase options built in, e.g. Applications / Utilities and double-click Disk Utility, then select the Volume, then click the Erase tab. A dialog box with three options should appear: zero-out, 7-pass erase, and 35-pass erase.

However, as has been shown in the pre-Court Martial hearings of the accused WikiLeaks source Bradley Manning, the quick "zero-out" option, i.e. one pass of zeros, is not sufficient to trouble standard digital forensics tools like Encase.

For ATA hard disks, there are secure erase commands built into the disk controller chipset, which can securely erase data with a single pass, but even that takes hours rather than minutes or seconds on modern hard disks.

How to REALLY erase a hard drive - ZDnet article

Secure Erase by one of the inventors of the hard disk at Center for Magnetic Recording Research (CMRR), UCSD (sponsored originally by the NSA)

When it comes to flash memory devices, these too are meant to have secure delete built into them, but it has been recently shown that this does not always work as claimed. CMRR researchers have recently been forensically testing secure erasure and recovery of a large variety of Solid State Disks, with very mixed results.

Reliably Erasing Data from Flash-Based Solid State Drives (.pdf)

Flash Memory is also used for removable media like USB pen drives, digital camera SD cards and mobile phone microSD cards, most types of which use wear leveling algorithms to spread the large but limited number of read/writes that they can take, without the data blocks being permanently burned into a read only fixed state. This means that a deletion or overwrite of a Cryptographic Key on such media may well leave all or part of it still forensically readable by equipment which accesses the flash memory cells directly, beneath the Flash Abstraction Layer (FAL) device driver, which hides such low level operations from the computer or camera or mobile phone operating system.

For those people who claim that all you need is a "big magnet" to wipe a hard disk, it comes as a shock when they discover that many hard disks, especially laptop computer hard disks, now have quite a bit of Flash Memory in their disk controller buffers, which is impervious to magnetic fields and which has a good chance of retaining sensitive data.

Unless your CryptoParty is being held outdoors, you should not try to demonstrate the other technique favoured by some people to securely destroy hard disks, i.e. Thermite.

Encrypted Mobile Communications

N.B. Mobile Phone Network CDR (GSM Call Detail Records or 3GPP Charging Detail Records) will still show your cell location, which numbers you are communicating with, how often, for how long and how much data is being sent or received, regardless of any encryption Apps. Communications Data traffic analysis can be as intrusive, or sometimes more intrusive, than being able to read or hear the contents of a data or voice call.

Gibberbot

Gibberbot is a secure chat client for Android, capable of firewall and filter circumvention, surveillance blocking and end-to-end encryption. It works with Google, Facebook, any Jabber or XMPP server, such as OpenFire or eJabberD. Unlike Blackberry BBM's broken single key security, Gibberbot uses the Off-the-Record encryption standard to enable true verifiable end-to-end encrypted communications. It is interoperable with OTR chat clients on other platforms.

TextSecure

TextSecure for Android phones encrypts your text messages on your phone, and allows sending encrypted messages to other phones using TextSecure. Unless you submit your passphrase, the spooks only know which people have sent messages, no more spying/retention of message content.

RedPhone

RedPhone provides end-to-end encryption for your calls, securing your conversations so that nobody can listen in. Only available for Android smartphones.

Chatsecure

Chat Secure for iOS is a free, open-source, encrypted messaging application that uses Cypherpunks' Off-the-Record protocol to secure a communication channel over XMPP (Google Talk, Jabber, etc) or Oscar (AIM). It is interoperable with secure clients on other platforms.

Note: since iOS is a closed, proprietary system, it is wise to create a separate key for use on iOS devices only. If you're really keen, you could create a separate key for each client, device or situation.

Privacy Protected Browsing

Tor

Tor - An essential tool for anonymous browsing & anonymity, Tor is available for Mac, Linux, and Windows (and for Android devices under its Orbot distribution, and for iOS devices as the Onion browser: see entries below). In order to make your surfing via Onion Routing as safe as possible, you will need to change your habits a bit; fortunately the website and its blog are very informative about your options for enabling anonymity for yourself and/or providing it for the world at large. The community support is excellent. (Run a Tor relay long enough, and the Tor Project shall give you a free Tor t-shirt!) In August 2012 the Electronic Frontier Foundation awarded The Tor Project a Pioneer Award.[3]

You can use this visual explanation as a teaching tool when introducing people to Tor and https.

Check out the Tor Documentation

Learn and Use

Video: "Using Tor" from CryptoParty Boston (Andrew and Steve) via @torproject
How to set up an obfsproxy Tor bridge on Debian and Ubuntu via @torproject

Tor Browser Bundle

Or, in other words, the basics you need, including the browser. Once installed and operated correctly this will allow you to browse the web using Tor. It does not provide Tor for other applications such as IRC or chat clients (these have to be configured on their own).

Visit the Tor Browser Bundle webpage at Tor Project Tor Browser Bundle:
Before you download, scroll down and read the installation instructions for your operating system (in English).
Click on the download link for your operating system and language and follow the prompts.
If you are having problems, scroll up the Tor Project Tor Browser Bundle page to 'Quick videos on how to use TBB'.

Tor does not provide 'anonymity' - you have to change your browsing habits as well. For more information on Tor read Tor: Overview.

Onion browser on iOS

This app is a Tor-capable browser for iPhone/iPad.

Orbot: Tor On Android

Orbot - The official port of Tor to Android, Orbot was originally developed by The Guardian Project in sync with The Tor Project. Orbot only has full functionality on rooted Android smartphones, but is quite easy to set up.

Orweb: Proxy+Privacy Browser

Orweb - When used with the Orbot app, this web browser provides enhanced privacy features via the Tor anonymity network for all versions of Android smartphones, up to ICS 4.x. Disables Javascript, Flash and cookies, and hides your IP address (which is one way to determine your location). Note that no current privacy app can hide your smartphone's physical location from your own mobile phone network's cell tower location tracking/triangulation technology, as the telephony infrastructure is distinct from the internet's own infrastructure.

Orweb was originally developed by The Guardian Project in sync with The Tor Project.

Ghostery

Ghostery is a privacy browser extension which enables you to track the trackers and to configure the plethora of third-party apps and scripts to which web browsing is heir. Ghostery renders the invisible web visible by making tags, web bugs, pixels and beacons apparent. If you want selected third-parties to analyze your browsing data, you may do so. If you want to view their privacy policies, now that you can see who they are, you may do that as well. Ghostery is free to download, quite easy to set up, and can be quite the eye opener.

Ghostery screenshots

You too can opt in to provide data via GhostRank for the Better Business Bureau and the Direct Marketing Association!

Learn and Use

Protect the privacy and anonymity of visitors to your website (referred by CryptoParty Philadelphia (US))

Darknets

A "Darknet" is an encrypted intranet of files, discussion fora, or html pages, which is available only to persons running the software or part of a secret or restricted usergroup within that network. Darknets are often friend-to-friend, in which case connection is mediated/routed through trusted persons' connections (although central "trusted" servers are often provided by default by the developers) (examples of this "F2F" approach are Freenet and Retroshare), or are routed through anonymity tunnels in a network of mutual distrust, an inversion of the friend-to-friend philosophy where no person is assigned total trust over a user's browsing (Tor).

Tor

Discussed above, Tor is an anonymous browsing network, but it supports a form of internal darknet known as Tor Hidden Services. This system attempts to ensure that no person can determine the location or IP/identity of the hidden-service server, provided the service/server is secure. It also allows for free "domain" hosting, provided that a long hash-like key ending in ".onion" is an acceptable substitute for a dot-com address. Many popular websites in the hacker or activist scenes have alternative .onion addresses for access through Tor in case of DNS blocking or ISP filtering in certain places, or to provide a more rigorous level of connection security to visitors.

With Tor Hidden Services there is end-to-end encryption, from your web browser, etc., through the cloud of Tor routers, right through to the final computer which is running the hidden service or services, so there is no extra security to be gained by specifying an SSL/TLS link, e.g. https://123456789012345.onion.

Tribler

Tribler is a p2p file sharing system with expanding development into darknet social media and p2p hosted collaborative files. Tribler supports all known video and audio formats and can deal with all Torrent sites on the Internet. Click-and-play functionality, which enables you to begin viewing immediately, will shortly be extended with the addition of a Live function for viewing live channels or webcams. Beta Android as well as Linux, Windows and OS/X.
Over one million downloads and very strong community participation.

i2p

i2P (Invisible Internet Project) is a darknet implementation built atop java, with full support for streaming, anonymous file sharing (BitTorrent), webserving, mail and more. i2p is a secure, anonymous network offering a range of services by default. Resistant to censorship and monitoring. Has an active IRC which you can access after installing i2p @ 127.0.0.1, 6668. Please see the comparison between Tor and i2p from i2p. In general, Tor has had more peer review than i2p and is likely more secure.

Freenet

Freenet is a java-based distributed darknet that operates best when given a large amount of space to work with (from 5GB to 1TB or more). Think of it like a grassroots usenet service: the more data you allocate, the faster your node becomes. Unlike Tor, static websites can be distributed to these datastores and preserved even if the authors go offline. Websites are maintained with private keys to maintain updates. With a security-conscious setup, you can go as far as having a session-based encrypted datastore and using multiple trusted connections to reach the rest of the network (like a "bridge" on Tor, connecting to friends or family before strangers).

Frost is a bulletin-board style addon for Freenet that supports topic-threading and attachments.

Secure Chat

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing:

Encryption
No one else can read your instant messages.

Authentication
You are assured the correspondent is who you think it is.

Deniability
The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.

Perfect forward secrecy
If you lose control of your private keys, no previous conversation is compromised.

A variety of chat clients are available which use OTR.

Client support

Native

These clients support Off-the-Record Messaging out of the box.

Adium (Mac OS X)
climm (Unix-like), since (mICQ) 0.5.4
Cryptocat (Cross-platform), since 2.0
MCabber (Unix-like), since 0.9.4
CenterIM (Unix-like), since 4.22.2
Jitsi (Cross-platform)
BitlBee (Cross-platform), since 3.0 (optional at compile-time)
Gibberbot (Android)
ChatSecure (iOS)

Via plug-in

The following clients require a plug-in to use Off-the-Record Messaging. Plugin support allows use of OTR with all of a client's implemented instant messaging protocols (e.g. OSCAR, XMPP, MSN, YIM/YMSG etc.).

Pidgin (Cross-platform), with a plugin available from the OTR homepage
Kopete (Unix-like), either with a third-party plugin or, since the addition of Kopete-OTR on 12th of March 2008, with the version of Kopete shipped with KDE 4.1.0 and later releases.
Miranda IM (Microsoft Windows), with a third-party plugin
Psi (Cross-platform), with a third-party plugin and build (Psi-Patches and OTR-Plugin on tfh-berlin.de); natively usable in Psi+
Trillian (Microsoft Windows), with a third-party plugin
irssi, with a third-party plugin
Gajim, with a third-party plugin (OTR plugin for Gajim: http://gajim-otr.pentabarf.de/)

Proxy

For those clients which have no native OTR support, a GUI proxy is available.
That means that the messages are sent to the proxy unencrypted and get encrypted while they "flow" through this locally installed and running application called a proxy. Currently, the proxy provided by the OTR-project supports only the OSCAR protocol, thus it can be used for .Mac, ICQ, Sametime, and AIM. The OTR proxy is capable of SOCKS5, HTTPS, and HTTP.

Chat Log Files

Some of the Chat Clients listed above, e.g. Adium, store plaintext, unencrypted Chat Logs, often by default, even when the OTR "security / privacy" plug-in is installed.

If you are taking OTR precautions to protect your chats from snoopers over the wire or over the air, you should either double check that you have manually switched off Chat Session Logging, or ensure that the Chat Logs you deliberately intend to keep are created on an encrypted disk drive or volume (see the Disk Encryption section above), in case your computer is lost, stolen or seized. It is also worth asking the person you are chatting with if they are inadvertently logging the chat with their Chat Client software.

Learn and Use

Slides: "Private Conversations over Instant Messaging (OTR/Pidgin/Adium)" from CryptoParty London

Video: "Truecrypt/LUKS, OTR, Secure VoIP/SIP w/ Jitsi, Bitcoin & data liberation" from CryptoParty Boston (@ageis)

Misc

Tahoe LAFS

Tahoe-LAFS (Least Authority File System) is a Free and Open cloud storage system. It distributes your data across multiple servers. Even if some of the servers fail or are taken over by an attacker, the entire filesystem continues to function correctly, including preservation of your privacy and security.

Learn and Use

How to set up your own distributed, redundant and encrypted storage grid, in a few easy steps via @AnonymousPress

Intrusion detection systems

AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds in the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual file attributes can also be checked for inconsistencies.

IronKey

Need a hardware-encrypted 16GB USB flash drive that'll self-destruct if an incorrect password is entered a selected number of consecutive times?

Official website
Flash drive selection
IronKey Wikipedia article

DistrRTgen

DistrRTgen is a distributed rainbow table project which runs on the BOINC platform. The generation of huge rainbow tables enables security experts to avoid weak cryptographic hash functions by providing evidence of same.

Software Libraries

Legion of the Bouncy Castle
Jacksum
GNU Crypto Project

Operating System and Host Environment

Home directory encryption

Ubuntu Linux v8.04 has an option to set up a transparently encrypted private directory in your home directory. Later releases of Ubuntu added an option to encrypt your entire home directory, not just a private subdirectory. When you log in, you will be prompted not only for your login passphrase but your passphrase for your home directory.
Note that the presence of your files is not obscured, only their filenames and contents. The system used to do this is called EcryptFS, and it uses the AES-128 algorithm by default. It has been compared to integrating GnuPG with a file system. Here is the official Ubuntu documentation. Because there are stronger and better documented whole-disk encryption subsystems available in Linux, the user may wish to consider installing the entire system to a LUKS encrypted hard drive.

Procedure for migrating an existing home directory to an encrypted home directory.

Full Disk Encryption

On a Linux operating system the entire disk or a disk partition can be encrypted with crypto-LUKS.

On Windows the entire disk can be encrypted using TrueCrypt. Another good alternative is DiskCryptor.

On Mac OS X 10.7 and 10.8 the built-in security feature FileVault can be used to encrypt the entire boot drive. Previous versions of Mac OS X (10.3 to 10.6) can encrypt your user directory, but not your whole hard drive. FileVault is very easy to set up (System Prefs > Security > FileVault > Turn on), so any Mac user can make this a routine step. (While there is a port of TrueCrypt for MacOSX, it is not capable of full-disk encryption, only encrypted volume (file) encryption.)

With full-disk encryption enabled, the operating system will not boot until a passphrase is entered. Documents stored on the same encrypted disk or partition will also be inaccessible without the passphrase. Full-disk encryption is another layer of security, and can be used in combination with home-directory encryption and encrypted containers.

See also

The more detailed Disk Encryption section above.

Operating Systems

Tails Linux: The Amnesic Incognito Live System

Tails Linux or The Amnesic Incognito Live System is a live Linux distribution designed for preserving privacy and anonymity. It is the next iteration of the Incognito Linux Distribution. It is based on Debian Linux, and uses IPtables to route all outgoing traffic through Tor. TAILS is designed to be booted as a live CD or USB and no data is left on local storage media unless the user explicitly configures this. It also writes random data to memory if it detects a power off to defend against the cold boot attack.

If you are interested in using Linux in a more general way than Tails allows, please see http://www.cryptoparty.org/wiki/Linux_Operating_Systems

Liberté Linux

Liberté Linux is not a generic live Linux distribution with anonymity features. Its primary focus is to let you communicate, stealthily and securely, with other people in a hostile environment. Here, hostile environment is one where someone resourceful seeks to find out your identity because of something you do. You might be a dissident in an oppressive Islamic regime, perhaps, or an anti-government cell coordinator in China. A highly-ranked mole in the US intelligence service, passing information to his handler in the Belarusian embassy. Or, a whistle-blower in an international petroleum corporation.
All these possibilities have something in common: high technological capacity of the authority in place, and willingness to use this capacity to find out who you are in order to stop you. Of course, you might just consider using Liberté because you dislike the idea of a bureaucrat somewhere deciding whether something you do online is legitimate or not. You are welcome. (The above is a website summary.)

Whonix

"Whonix (called TorBOX or aos in past) is an anonymous, general-purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two virtual machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible." (Project summary)

E-mail

Website Emailers

Use a proxy or public computer to use these services safely. Best to encrypt messages with the recipient's public key (perhaps using Zerobin with a burn-after-reading setting).

SSL-enabled services

https://www.zeta-uploader.com - A little shady but works. Attachments are sent as a link.
http://jhiwjjlqpyawmpjx.onion/ (onion link) - Tor Mail is a Tor Hidden Service that allows you to send and receive email anonymously.
https://www.hushmail.com - Hushmail offers private, secure free email accounts. Email is encrypted and spam/virus scanned. Edit: Not entirely safe? https://en.wikipedia.org/wiki/Hushmail . Need more guys, https://www.networkworld.com/community/blog/hunting-email-service-extreme-wishlist-privac not sure
https://lavabit.com/
https://www.vmail.me/

Non-SSL services

http://anonymailer.net/
http://anonymouse.org/anonemail.html - Random delay up to 12 hours.
http://send-email.org/ - 500 character limit; sends quickly; cuts off the first letter of the message body.
http://deadfake.com - Formatting issues at line breaks.
http://www.dropsend.com/ - A little intrusive for the recipient but allows attachments. Attachments downloaded from website link.

Encrypted Dropboxes

Privacybox.de

Privacybox.de provides non-tracked (and also anonymous) contact forms. It is run primarily for journalists, bloggers and other publishers, but it is open for others as well. It is powered by the German Privacy Foundation e.V.

Uses a combination of encryption and anonymization techniques, e.g. SSL/TLS encrypted web forms, Tor or I2P, GPG email encryption; the service promises not to keep log files, etc.

The source code to the web application is available for download and review.

Data Liberation

Got a lot of your personal/professional life tied up in one email account, in Facebook, LinkedIn or Twitter? According to the Data Liberation Front, every online service should offer you a quick and easy way to move your data elsewhere.

This is becoming increasingly important, as we log more and more of our day-to-day lives into proprietary networks. If you put it in, you need to know how to get it out. How do we do that? Can we do that?

Who "owns" our data, including music, videos and ebooks we obtain by pressing the Buy button? Who "owns" all our photos, home videos, blog posts and comments? When we create something, don't we have rights over how it is used?

This is why you need to read the ToS (terms of service, terms and conditions). This is why corporations need to stop making the damned things long enough to choke an elephant. This is why we need to look at distributed, open-source and privacy-friendly alternatives like Diaspora.

Learn and Use

Video: "Truecrypt/LUKS, OTR, Secure VoIP/SIP w/ Jitsi, Bitcoin & data liberation" from CryptoParty Boston (@ageis)

Virtual Private Networks (VPNs)

Virtual Private Networks (VPNs) are a technology specifically for connecting computers (or computer networks) securely across the Internet. VPNs effectively make an encrypted tunnel through which otherwise unencrypted network traffic can transit securely.

VPNs are most often used for securely connecting to a local network or office/workplace network from a remote location.

VPN services exist (often commercial) which are often used to access the Internet from a remote location. This can be useful to circumvent geoblocking restrictions (appearing to be accessing the Internet from the UK to watch iPlayer when one is actually using a UK based VPN from elsewhere) or for circumventing web filter technologies in the same way. VPNs can also be useful in this way for examining your own network connections to the Internet from an outside perspective.

Microsoft PPTP

Microsoft bundles Point to Point Tunneling Protocol in with its Windows operating system. It is offered by many commercial VPN providers and is used by lots of organisations to provide remote access to corporate networks for home office or mobile users.

Microsoft PPTP Problems

There are serious questions about the security and encryption of PPTP, even though it uses the still secure RC4 stream cipher algorithm. The authentication passphrase is effectively only single DES 56bit encrypted (which used to be secure enough years ago). This can now be brute forced in a feasible time, i.e. in under a day, using distributed cloud based computing resources.

"Microsoft PPTP is very broken, and there's no real way to fix it without taking the whole thing down and starting over. This isn't just one problem, but six different problems, any one of which breaks the protocol." - Bruce Schneier (1998)

Moxie Marlinspike recently demonstrated serious problems with the primary authentication method MS-CHAPv2 used by PPTP [4]

N.B. You may still choose to use PPTP VPN connections where they allow you to circumvent censorship, but then use another, more secure VPN tunnel method (e.g. OpenVPN or Tor) or encrypted https:// web browsing session, through the PPTP tunnel.

OpenVPN

Open VPN uses strong encryption and is also available as an option from some commercial VPN providers.

Open VPN is already a topic at some CryptoParties - please add resources here

VPN apps for iOS which don't require jailbreaking

VPN Express
VPN Fire

An App Store search brings up quite a few VPN apps: check ratings and features carefully. Be aware that most, if not all, VPN providers will charge you money (per month and amount of data) for the privilege. ;)

VPN in meatspace

If you're shifting something other than electronic data around the world, you may find it appropriate to use a remailer or mail-forwarding service. Again, this will cost you a bit, but it gets you past some of the barbed wire fences which countries/corporations have recently erected.

If your (or others') personal safety is at risk, plan carefully, using a combination of remailers, local postal forwarding and casual/courier drops. More cut-outs can be safer, but simple is faster. Look at what's available.

SSH

Secure Shell (SSH) can be used to effectively create a VPN between two computers. This is not particularly user-friendly, but is powerfully flexible and strongly encrypted.

Note: like your PGP keys, your SSH keys should be kept in a safe place.
These keys identify you, so make sure nobody else gets their sticky hands on the private part of each key pair. If you leave your keys lying around, someone else will drive off with your car, house or crucial data. (Never heard of mobile homes? Mobile data? I rest my case.)

OS X

SSHKeychain is an app which manages and authenticates your SSH keys.

SSH Agent "is a graphical front-end to some of the OpenSSH tools included with Mac OS X. Specifically, it allows you to start an ssh-agent, generate identities, and add identities to an agent. Additionally, it allows you to make the ssh-agent global so that, e.g., Xcode can use it to do version control over SSH, and it has some functionality to set-up a secure tunnel." (from the website)

iOS

Without jailbreaking, there is currently no terminal access to the iDevice, but there are a range of remote-use apps which allow you to establish and manage connections to other devices (via SSH, Telnet, VNC etc.). Here are a couple of examples:

Terminus
RapidSSH

External VPN guides/links:

Which VPN Providers Really Take Anonymity Seriously?
How To Make VPNs Even More Secure
How to Chain VPNs

Learn and Use

Video: VPNs from Cryptoparty Boston (David) via @torproject

Bitcoin

Bitcoin is an alternative and virtual currency, obviating the need to use personally-identifying information (e.g. credit card, PayPal account) when paying for goods or services online. If donating money to a good cause, or sending money to friends or family, would bring the corporate/government hammer down on you, Bitcoin protects your privacy. Bitcoin is not difficult to use, and using it does not make you a criminal (criminals drive cars, but that doesn't make car-driving a criminal act: Bitcoin is just another tool, so drive carefully and spend your Bitcoins wisely ;) ).

Learn and Use

Video: "Truecrypt/LUKS, OTR, Secure VoIP/SIP w/ Jitsi, Bitcoin & data liberation" from CryptoParty Boston (@ageis)

RFID

RFID (Radio Frequency IDentification) is a near-field technology increasingly used to track people and property (in the eyes of the trackers, the two appear to be indistinguishable). RFID chips can be embedded in ID cards, in many day-to-day objects (e.g. paper or clothing) and under the skin. These chips can be passive, thus undetectable without being triggered by the set frequency.

Credit cards and multi-tickets containing RFID chips can be "waved" past a scanner to pay for something. To avoid someone activating your RFID chip without your consent (e.g. while it's in your pocket, to pay for something you don't receive), you can block access to the chip by putting it inside barrier material (for example, that used in these RFID sleeves). In effect, you're "jamming" the radio signal.

The OpenAMD Project explores the potential of large-scale human tracking.

RFID is currently being used to track employees and students, including minors. Although tracking may initially be described as "opt-in", in large, regimented work or learning environments considerable pressure is placed on people to conform.
It is particularly worrying that children are being socialized to accept tracking (and its egregious invasion of privacy), while not understanding its ubiquity and how the data can be abused.

VIDEO: How to block and/or kill RFID chips

Remote Desktop software

Microsoft RDP
History of vulnerabilities

Microsoft Windows computers have built in support for Remote Desktop Protocol (RDP) access from other Windows computers. These sessions are 128 bit encrypted with the RC4 encryption algorithm, but you need to be careful about credential stealing and man-in-the-middle attacks (common to all remote access schemes), so, if possible, you should restrict it to specific IP addresses through your firewall / router.

By default members of the Administrators group on the remote computer are allowed to authenticate via Remote Desktop, but this is switched off by default on a workstation. On servers e.g. Windows 2008, Remote Desktop is usually on but by default restricted to Network Level Authentication. You might need to "Allow connections from computers running any version of Remote Desktop (less secure)".

To add extra Users (surely you were not thinking of connecting over the public internet as Administrator, were you?): Start button / Computer - right mouse click / Properties / Remote Settings

To start the Remote Desktop Client on Windows 7: Start / enter mstsc in the "Search programs and files" box
or on older versions of Windows: Start / Run / mstsc

Enter the full Domain Name or IP address or WINS name or NetBIOS hostname of the remote computer.

Enter your Windows credentials on the remote machine in the "DOMAIN\User Name" format, then Password (note the direction of the "\" character; often the "/" works as well in Windows, but not in this case).

If the remote computer is not a member of a Domain, you may need to enter "HOSTNAME\User" to authenticate as a local user.
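The restrictions described above (firewall scope limited to specific addresses, Network Level Authentication, a reviewed list of non-Administrator users) can be checked and applied from an elevated PowerShell prompt. This is an added example, not part of the original guide; it assumes Windows 8 / Server 2012 or later (NetSecurity and LocalAccounts modules), an English-language system where the firewall rule group is named "Remote Desktop", and constructed sample addresses in $AllowedSources.

```powershell
# Added example, not from the original guide. Run from an elevated prompt.
# Assumes Windows 8 / Server 2012 or later and an English-language system,
# where the built-in firewall rule group is displayed as "Remote Desktop".

# Constructed sample values (RFC 5737 documentation ranges); replace with your own.
$AllowedSources = @('203.0.113.10', '198.51.100.0/24')
# Set to $false only if older clients force the "less secure" option.
$RequireNla = $true

# 1. Show which remote addresses each enabled inbound RDP rule currently accepts.
$rdpRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' }

foreach ($rule in $rdpRules) {
    $scope = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        RemoteAddress = $scope -join ', '
        OpenToAnyone  = [bool]($scope -contains 'Any')
    }
}

# 2. Narrow those rules so that only the listed sources can reach the RDP listener.
$rdpRules | Set-NetFirewallRule -RemoteAddress $AllowedSources

# 3. Check Network Level Authentication (1 = required, 0 = any client version).
$rdpTcp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$nla = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication).UserAuthentication
"NLA required: $($nla -eq 1)"
if ($RequireNla -and $nla -ne 1) {
    Set-ItemProperty -Path $rdpTcp -Name UserAuthentication -Value 1
}

# 4. Review who may log on over RDP besides members of Administrators.
Get-LocalGroupMember -Group 'Remote Desktop Users' |
    Select-Object Name, ObjectClass, PrincipalSource
```

Rerun step 1 afterwards: every rule should list only the allowed sources and show OpenToAnyone as False.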

If you want to control a Windows Desktop via RDP from a Macintosh then the CoRD client works well.

Apple Remote Desktop ARD
Apple Remote Desktop ARD is built in to Apple Macintosh OSX computers.

Prior to version 3, ARD encrypted only passwords, mouse events and keystrokes, not desktop graphics (or file transfers). Apple therefore recommended that ARD traffic crossing a public network should be tunnelled through a VPN. Version 3 now uses AES 128 bit encryption: Apple Remote Desktop download

Voice over IP
Asterisk open source PABX etc.

There are a lot of VoIP providers out there, varying in quality and hype, but the big question (apart from CAN YOU HEAR ME?) is whether you can encrypt the conversation at both ends. Look for VoIP clients equipped with encryption standards (ZRTP, SRTP) but make sure the conversation is encrypted before it leaves your device, not on the VoIP provider's server (which can be decidedly shonky).

Comparison of VoIP apps for different devices
Zfone (ZRTP integrated), runs on OSX, Linux and Windows
Jitsi (ZRTP integrated), FLOSS with LGPL licence, does voice, video, file transfer and desktop sharing: runs on OSX, Linux, Windows and you can build it for FreeBSD

The following services either aren't open source, have restrictions, or use a pay model:
KeyWe FREE! (SRTP), runs on iOS - Offers a free SIP server for a limited time
VoIP One Click (SRTP), runs on iOS - Free app-to-app only, offers halfway encrypted app-to-phone on purchased credits.
Bria (SRTP), softphone to use with existing VoIP services, runs on iOS - Costs $8.49 + separate video, text, and codec purchases.

Note that you can use a VPN to encrypt VoIP conversations, but this method is data-heavy, so it's only suitable for use with fast connections (i.e. not on cellular/mobile networks).
Learn and Use
Video: "Truecrypt/LUKS, OTR, Secure VoIP/SIP w/ Jitsi, Bitcoin & data liberation" from CryptoParty Boston (@ageis)

Mobile Phones / Smartphones
Catcher Catcher by Karsten Nohl, an IMSI Catcher detector using OsmocomBB
The Rules of Beeping: Exchanging Messages Via Intentional "Missed Calls" on Mobile Phones by Jonathan Donner, Technology for Emerging Markets Group, Microsoft Research India

Counter-Surveillance
Big Brother is watching you, but there's a lot you can do about it. Protect your privacy as above. Record and upload abusive government/corporate behaviour. There are some excellent apps for keeping track of what's happening to you, and making sure other people know when wrong has been done. We have more eyes, ears and voices than they do. Use what you have.

(Thanks to Utah Liberty Watch for some of the suggestions below.)
OpenWatch (Android) from the OpenWatch Project
CopRecorder (Android) (iOS) from the OpenWatch Project
JustIn TV (Android) (iOS) better than Qik, because the video can't be deleted without you logging in
Scanner Radio (Android) (iOS)
Trapster (Android) (iOS)
History Eraser (Android)
Whapee (iOS) anonymous location-based image/video upload with text
Cop Watch (iOS)
iSpy Cameras (iOS)

Network Camera (iOS)
Hidden Spy Cam (iOS)

Learn and Use
Video: "Counter-Surveillance" from CryptoParty Boston (David and Andrew) part 1 part 2 via @savebradley and @torproject

Legal Issues
Each nation-state has its own laws (and international treaties) regarding encryption and communications data. Some of these can legally force you to either hand over your decryption key(s) or to hand over decrypted plaintext. Other laws can force fixed line, mobile phone and internet service providers to retain the communications data of millions of innocent people, for periods of time in excess of what they need for business purposes, which then puts such data at risk of abuse by corrupt or unscrupulous privileged insiders.

Typically such big data laws are justified for the laudable purpose of investigating serious crime such as terrorism, human trafficking, sexually exploitive material or drugs smuggling (some of the Four Horsemen of the Infopocalypse) but they soon get extended to routinely cover all types of crime, no matter how trivial, and then routine activity, whereupon they impinge on civil society and threaten fundamental political and human rights freedoms as part of an omnibus national-surveillance complex.

Australia
Australia is currently undergoing a National Security Enquiry, where the government insists it needs to make our ISPs keep all our online data for two years (the Australian Federal Police actually said they would prefer it be kept "indefinitely"). In other words, everyday users would pay extra ISP costs to have their personal data stored and made available to any government agency and any European government (including the thinly-disguised dictatorships). Inevitably (following the well-established pattern of Big Data), this personal information would be left in taxis or bus shelters, it would be hacked and it would be abused.

Every phone call, every email, every website you visit, every word you say in chat... the Australian government wants it and wants you to pay to provide it, apparently under the assumption that our harmless and law-abiding vast majority will suddenly become criminals. Or is everyone guilty before proven innocent now? For further info, follow #ozlog and #NatSecInquiry on Twitter and/or see the EFA (Electronic Frontiers Australia) site.

It should be noted that the Australian Greens party, the Australian Pirate party, the EFA, various civil liberties organizations and many individuals have represented us very well at this enquiry. Unfortunately, anything labelled (accurately or not) "national security" just gets waved through by the two main parties. And they ask why so many Australian voters are disillusioned with politics...

European Union

Ireland
Web censorship is apparently more common than direct surveillance in Ireland at present. Out-of-court settlements by IRMA (Irish Recorded Music Association) and Eircom, and others, have led to widespread censorship of The Pirate Bay. A "statutory instrument" was used by TD Sean Sherlock of East Cork (against massive public outcry) to place court-order censorship of websites into the power of lobbying bodies; the wording was very loose, and it is not clear if any oversight will be employed. It is also not clear whether there will be a right to contest or to seek restitution for false censorship. The order makes no mention of requiring notice or warning to be given to site operators.

Given that censorship is widespread at the DNS level, DNS records are logged at least and could be further inspected. There is little evidence of more concerted efforts at surveillance as yet.

Uniquely in Europe, Ireland is in a significant position of power over multinational companies such as Google and Facebook, who establish primary offices in Ireland to take advantage of a tax loophole known as the "Dutch-Irish Sandwich".
A small and underfunded, but apparently well-intentioned, office known as the "Data Protection Commissioner" has previously struck blows to privacy standards at many companies, including Facebook, who flagrantly abuse customer privacy. Citizens can appeal to the DPC to take action on cases of perceived injustice and privacy violation, but the office has few resources to deal with all issues under their remit, and primarily focus on "big issues".

Decryption Laws
The Electronic Commerce Act 2000 (nr. 27), which was enacted on 19 July 2000, contains a decryption order in article 27 (2) (c). A judge can issue a search warrant if there are reasonable grounds to suspect an offence under the Act has been committed. Such a warrant authorises investigation officers, among other things, "when the thing seized is or contains information or an electronic communication that cannot readily be accessed or put into intelligible form, to require the disclosure of the information or electronic communication in intelligible form". Persons or public bodies who fail or refuse to comply are guilty of a summary offence (art. 27 (4)). (source Crypto Law Survey)

United Kingdom
United Kingdom Regulation of Investigatory Powers Act 2000 Part III, Investigation of electronic data protected by encryption etc.: penalty of up to 2 years in prison, or up to 5 years in prison if the words "national security" or "child indecency" are invoked by the investigators through a Section 49 notice. There is also a "tipping off" secrecy power, which if invoked, has a penalty of up to 5 years in prison for telling someone that they are the subject of such a Section 49 notice.

RIPA Part 1 Chapter II, Acquisition and disclosure of communications data, is in the process of being extended to cover not only designated Communications Service Providers (regulated telephone and internet and postal delivery companies) but potentially every web click in a search engine like Google, all Twitter and Facebook activity or Voice over IP conversation etc. using Deep Packet Inspection black boxes and filters, only seen so far in repressive dictatorships.
Open Rights Group wiki on the Communications Data Bill

N.B. there are a few legal loopholes in this repressive legislation, which UK CryptoParty experts will be able to advise on.

"U.K. Legal Aspects of Cryptography and Anonymity" (.ppt) (.pdf) (from CryptoParty London)

United States

Organizations and Legal Support
Electronic Frontier Foundation
The EFF is the premier American advocacy group for digital rights. Chockful of useful information ranging from proposed international treaties and amicus curiae briefs with the United States Supreme Court to whether the cops can search your smartphone without a warrant and surveillance self-defense. Highly recommended.

Courses and Education
Coursera: Cryptography taught by Dan Boneh, 27 August 2012 to 1 October 2012
Jacob Appelbaum (Part 1/2) Digital Anti-Repression Workshop - April 26 2012
Jacob Appelbaum (Part 2/2) Digital Anti-Repression Workshop - April 26 2012
Khan Academy: Journey into Cryptography
Udacity: Applied Cryptography (cs387)

Where to go for more information
The EFF has some excellent resources for those still trying to get their head around things here: https://ssd.eff.org/tech

A great and very complete tutorial on how to use various tools is Peter Gutmann's epic slide deck http://www.cs.auckland.ac.nz/~pgut001/tutorial/index.html

Folks who are running a cryptoparty might want to look for these to get what they need for teaching how to use certain programs.

If you are interested in foundations, Applied Cryptography by Bruce Schneier is a great book to read.

If you complete all the exercises on http://crypto-class.org you'll reach a point where you have a good idea of how hard it can be to get crypto right.

1. Break ciphers... crypto-class has some great exercises for this; also, if you find yourself addicted to breaking stuff, here are >100 puzzles. There is a fine line between secure and radically insecure; you'll learn about this by making and breaking ciphers.
2. If you are thinking of writing your own software, by all means do, make it open source and prepare to learn. But beware of making grandiose claims about security and the Dunning-Kruger effect. Cryptoschemes take years to be considered 'secure'. Combining schemes can often interact in ways that weaken the two systems; some combinations are often weaker than their parts.

Misc Links
How to Exit the Matrix (.onion Tor Hidden Service)
Security Basics (.onion Tor Hidden Service)
Slide Stack from CryptoParty Perth AU (incl. some good visual intros for beginners)
Internet Security 101
the evolving CryptoParty Guide (don't panic, and bring your towel)

Some Relevant Quotes from Twitter and Elsewhere

"BREAKING: "corrupted nerds" cited as the reason for sweeping expansion of surveillance powers http://aph.gov.au/live #CorruptedNerds" ~ @SenatorLudlam 21/8/12

"Encrypt your data, the Cybercrime Bill has passed: http://bit.ly/TTq8bN #natsecinquiry #ozlog #cybercrime #corruptednerds" ~ @PiratePartyAu

"ain't no party like a crypto apps install party." ~ @m1k3y 22/8/12

"I want a HUGE Melbourne crypto party! BYO devices, beer, & music. Let's set a time and place :) Who's in?" ~ @Asher_Wolf 22/8/12

"12:29pm Senate passes #CyberCrime amendment 7:19pm @m1k3y ain't no party like a crypto apps install party 7:24pm @Asher_Wolf .. #CryptoParty" ~ @mylespeterson 23/8/12

"Am I the only one thinking #cryptoparty sounds like something scandalous teen girls are doing these days? (& wouldn't it rock if they did?)" ~ @lex_is 23/8/12

"Ain't no party like a #cryptoparty 'cuz a #cryptoparty don't MbqwR5+eqstXjRY5lwjkzo7qXVzSwVYJ82" ~ @quinnnorton 24/8/12

"There's a #CryptoParty in my pants, but only Alice and Bob are invited" ~ @xntrik 25/8/12

Sir Humphrey: "Can you keep a secret?"
Bernard: "Of course"
Sir Humphrey: "So can I"
- Yes Minister, episode 1 Open Government, 25th February 1980

"Surely, as we reflect on the consequences of the digital shift from a default of forgetting to one of perpetual memory, we should be seeking to restore, as far as possible, the individual's right not simply to their privacy, but to having the right to delete that which they have created, in the same way as can be done in the analogue world." ~Shadow Communications Minister Malcolm Turnbull

"The Street finds its own uses for things - uses the manufacturers never imagined." ~William Gibson

Security Humour
Presentations or talks at a CryptoParty should, of course, be leavened with some humour...
Security Humour
