I’ve written before about encrypting email, why you should, yet more reasons to encrypt your email (this one is interesting. A link in 2010 about barry wanting backdoors in encryption products), keeping the IRS out of your inbox, and encrypting your computer. I’ve even written a how-to on encrypting your email. Heck, I’ve even blogged about ways to encrypt your voice traffic on mobile networks (although, I wonder about backdoors).
That got me thinking: “What do I need to do to beat NSA monitoring?” Now, I’m sure they can throw tons of computing power at problems and break whatever I can throw at them; however, if I can make them spend 2-5 seconds doing it…it may be worthwhile. In this post, I wonder about options.
At the moment, I’ve settled on some off-the-shelf open source apps:
GibberBot (mobile chat encryption)
Redphone
Adium / Pidgin
GPG (encrypted email)
TextSecure
However, I’m still at the mercy of others. Do I trust the Adium/Pidgin/GibberBot developers to be independent? Yes (especially since their code is open source). TextSecure, I also trust. Redphone is a bit iffy. Sure their code is open source; however, I think they route the calls through their network instead of peer-to-peer somehow.
I think the only way to KNOW you are secure is to do it yourself. Use opensource software, hosted on a server you own (not a managed server, etc…), with encryption keys you control. Then, if the police raid the colocation facility, take your server, all they get is a box…you would have to decrypt it yourself. I’m really thinking about doing this…I just need to find a VoIP app that will let me do encrypted voice mobile and on a computer (too bad Google shut down Gizmo)
Image from trevor blake via flickr