NSA, Security, And More


I’ve written before about encrypting email, why you should, yet more reasons to encrypt your email (this one is interesting.  A link in 2010 about barry wanting backdoors in encryption products), keeping the IRS out of your inbox, and encrypting your computer.  I’ve even written a how-to on encrypting your email.  Heck, I’ve even blogged about ways to encrypt your voice traffic on mobile networks (although, I wonder about backdoors).

That got me thinking:  “What do I need to do to beat NSA monitoring?”  Now, I’m sure they can throw tons of computing power at problems and break whatever I can throw at them; however, if I can make them spend 2-5 seconds doing it…it may be worthwhile.  In this post, I wonder about options.

At the moment, I’ve settled on some off-the-shelf open source apps:

GibberBot (mobile chat encryption)
Adium / Pidgin
GPG (encrypted email)

However, I’m still at the mercy of others.  Do I trust the Adium/Pidgin/GibberBot developers to be independent?  Yes (especially since their code is open source).  TextSecure, I also trust.  Redphone is a bit iffy.  Sure their code is open source; however, I think they route the calls through their network instead of peer-to-peer somehow.

I think the only way to KNOW you are secure is to do it yourself.  Use opensource software, hosted on a server you own (not a managed server, etc…), with encryption keys you control.  Then, if the police raid the colocation facility, take your server, all they get is a box…you would have to decrypt it yourself.  I’m really thinking about doing this…I just need to find a VoIP app that will let me do encrypted voice mobile and on a computer (too bad Google shut down Gizmo)

Image from trevor blake via flickr

Leave a Reply

Your email address will not be published. Required fields are marked *