A Case For Encryption

This article is perhaps one of the best arguments for using encryption in your day to day emails that I’ve ever seen.

No email privacy rights under Constitution, US gov claims

On October 8, 2007, the United States Court of Appeals for the Sixth Circuit in Cincinnati granted the government’s request for a full-panel hearing in United States v. Warshak case centering on the right of privacy for stored electronic communications. At issue is whether the procedure whereby the government can subpoena stored copies of your email – similar to the way they could simply subpoena any physical mail sitting on your desk – is unconstitutionally broad.

Essentially, there are several arguments that are being used to try to get courts to agree that email is not subject to any “reasonable expectation of privacy”.  The arguments are several…  Your email provider probably has language in their Terms Of Service that allow them to examine your email.  It almost certainly has language in it that says that if they get a supoena for copies of your email they’ll happily hand over everything it demands.

in 1963 the US Supreme Court ruled in Katz v. United States that the user of a payphone could claim a right to privacy.  That’s when the standards for “reasonable expectation of privacy” were established.

1. Do you think that what you are doing is private?
2. Is this something that society will accept that your belief is objectively reasonable?

An email message is basically text that has been formatted according to a standard and is then transmitted from one server to another until it arrives at it’s destination.  This email is in plain, unencrypted, text form.  Which means that if you know what file to open, you can read an email in a text editor.  Some emails do use a form of encoding to allow binary content to be sent over a text medium, but that encoding (Base 64) is a well known standard that is not indended to keep anything private.

The only way to make email private is to actually encrypt it.  The easiest way to do this is to use PGP or GnuPG (GPG) to encrypt the text of your email so that only the intended recipient can decrypt and read it.  Here’s a tutorial I wrote about how to install and use PGP.

You wouldn’t write private physical mail on the back of a postcard would you?  When you do send a letter in snail mail that contains anything private you put it in an envelope and seal it with the full expectation that it won’t be opened except by the person it’s addressed to.

Encrypting email is the same principal.  If I send an email, especially if it’s private for whatever reason, then I’m going to get the recipient’s PGP key and use that to encrypt the email so that only they can decrypt and read it.

Technorati Tags: , , , , ,

Texas Hospital Wants Blogger’s Identity

A hospital in Paris, Texas has filed a defamation suit against an anonymous blogger that has been writing very critical postings about the hospital and their practices.  This is testing the limits of freedom of speech and the rights of whistle-blowers that are trying to expose some wrong doing.

This thing is already going the wrong direction because a district judge already plans to order a Dallas ISP to reveal the blogger’s identity.  Naturally the blogger’s lawyer is appealing to preserve his anonymity and ability to speak without fear of retaliation.

This kind of lawsuit and the fact that sooner or later it’s possible that some judge is going to cave and establish a nasty precedent that allows anyone to file a suit claiming defamation and demand an identity.  Which can then allow the blogger to be dealt retribution in as many forms as you can imagine.

This is why it is very important to be extremely careful when blogging anonymously.  You need to make certain that there are no links back to you in email, your IP address appearing in the logs of every web site you visit and so on.

It can take a little bit of work and the learning curve is a bit steep, which means that only those who are genuinely serious will pursue truly anonymous, untraceable blogging.  But it CAN be done and I’m going to cover some of the details in upcoming posts.

Technorati Tags: , , , , , ,

Policies

“A Peculiar Blog” is a personal blog written and edited by me. In it I write about things that interest me and/or that I feel need to be mentioned. From time to time I will be writing about products, services, websites and assorted other topics.  There will also be advertising appearing on the site in various forms.

The presence of an advertisement does not necessarily mean that I am endorsing the website, product or service unless I specifically say that I’m endorsing it.  Any claims, statistics or other statements about a website, product or service mentioned on this blog should be verified with the manufacturer or provider thereof.

The opinions expressed in this blog are entirely my own regardless of the topic or type of post. The content is mine, the blog is mine and I’ll write anything in it that I want to without regard to whether any person, business or government approves of what I have to say.

*note*

From time to time I will publish posts that are entirely or partially fictional in nature. I leave it up to the reader to determine what is fictional and what is true.

Privacy

The uses cookies to assign a unique, (pseudo) anonymous identifier to the user’s Internet browser. Cookies are small data files commonly used on the Internet to help optimize and personalize the Internet end user experience and identify repeat visitors to Web sites.

Some of these cookies are generated by the use of third party cookie technology such as Commission Junction, Bidvertiser, Kontera, Adsense and others.  Anyone can elect not to permit their browser to accept such cookies at any time.  These cookies can also be cleared at any time using controls in the browser’s options.

Like most standard Web site servers, we use log files to collect Internet protocol (IP) addresses, browser id string, Internet service provider (ISP), referring/exit pages, platform type, and date/time stamp. The information is used to analyze site usage, build an understanding of overall usage and navigation trends, and determine the relevance of the site’s content. This information isn’t linked to any personally identifiable information and is not retained beyond the normal rotation of logs on the server.

Comments

Comments from readers are welcome and encouraged.

Due to excessive spamming and my growing intolerance of the need to deal with it, “dofollow” comments are a thing of the past and they will NOT return.

ANY urls in comments are automatically suspect and are subject to me either removing the url / link code or just deleting the entire comment.  Simply put, any link in a comment had better have an extremely obvious relevance to the discussion or it’s going to get nuked.

If you want to advertise your site on this blog please contact me for my advertising rates.  You are NOT welcome or invited to use comments on my blog to get free link juice for whatever snake oil selling website you are promoting.

Full Comment moderation is in use which means that name and email must be filled out in order to post a comment and that ALL comments will then be held for moderation before appearing publicly.

I reserve the right to delete any comment at any time, for any reason or for no reason.

I further reserve the right to update these policies at any time without notice.

Microsoft Gets Help From NSA for Vista Security

Anyone remember the FUD that used to circulate on web forums and usenet
groups about how the NSA supposedly had a backdoor in Windows? Well,
When it comes to Vista, it’s actually possible (however likely it may or
may not be) that there could actually be something to those old claims.

Seems that the software giant is getting some "help" from the N.S.A.
in dealing with malware. I can’t help think that the fact that this bit
of genuine news and that it IS genuine and not simply FUD is
going to convince a LOT more people to move to Open Source operating
systems like Linux.


Microsoft
Gets Help From NSA for Vista Security

An anonymous reader writes "The Washington Post is reporting that
Microsoft received help from the National Security Agency in
protecting the Vista operating system from worms and viruses. The
Agency aimed to help as many people as they could, and chose to assist
Vista with good reason: the OS still has a 90 percent lock on the PC
market, with some 600 million Vista users expected by 2010. From the
article: ‘The Redmond, Wash., software maker declined to be specific
about the contributions the NSA made to secure the Windows operating
system … Microsoft said this is not the first time it has sought
help from the NSA. For about four years, Microsoft has tapped the spy
agency for security expertise in reviewing its operating systems,
including the Windows XP consumer version and the Windows Server 2003
for corporate customers.’"

An anonymouse poster on usenet expressed it very nicely…

The NSA has two roles in life. 1) protect their own stuff, and 2)
break stuff that belongs to everyone else.

Since Vista isn’t just NSA software does anyone else think the NSA
would be shirking its duties if it didn’t at least look for it’s own
set of exploitable holes? Or add a couple?

No way no how. Vista is poison to anyone who wants any privacy at
all. The NSA is well aware of things like Freenet, Tor, and remailers.
You’d be an idiot to believe they’re not looking for ways to crack
them. And a fool to believe they wouldn’t take advantage of any if
they had the opportunity. The mass wire taps on US soil already tell
us they care nothing about being found out.


definition:

FUD: Fear, Uncertainty and Doubt
(or deception)

 Page 5 of 5 « 1  2  3  4  5