Nathaniel Eliot ([info]temujin9) wrote,
@ 2008-08-30 19:52:00
Previous Entry  Add to memories!  Tell a Friend  Next Entry
Current music:Lemuroid - Karma
Entry tags:hacking, politics

Also, Some Paranoia
Couldn't have the whole day filled with joy: assume all your unencrypted internet traffic is being read, because there are published ways to do so without even breaking the rules. And like IPv6 (built to address IPv4 address exhaustion), the corporate world will ignore this until after the problem's costs dwarf the costs to switch.

On the plus side, this makes the whole telecom spying program an expensive public-relations disaster, for little added benefit. Geeks can achieve quietly, and with an only slightly bent protocol, what it takes large (and easily noticed) installation for the government to do. Granted, geeks caused the problem by being too generally trusting, but the same could be said of Americans and the current run-away government. At least the geeks fessed up and are trying to fix the problem publicly.

Encrypt your traffic, folks: HTTPS, GPG, SSH, etc. It's not a panacea (traffic analysis can still say lots about you), but it's a start. Encrypt early, encrypt often, encrypt for fun and profit (or at least, less no-fun and no-profit).


(7 comments) - (Post a new comment)


[info]heatherthegreat
2008-08-31 03:49 am UTC (link)
So in extreme layman's terms: what the hell does this mean?

(Reply to this) (Thread)

[info]temujin9
2008-08-31 05:35 am UTC (link)
It means anybody can spy on what you do online, without you (or the company you get internet from) being any the wiser. The only solution that won't take 20 years to enact is to use encryption: thankfully, that's also fairly simple to use (and built into many browsers, etc).

(Reply to this) (Parent)(Thread)

[info]heatherthegreat
2008-08-31 02:00 pm UTC (link)
How do I make sure I'm encrypted?

(Reply to this) (Parent)(Thread)

[info]yangenigma
2008-08-31 05:28 pm UTC (link)
Seconded! How does one encrypt their stuff - both web-browsing and emailing?

(Reply to this) (Parent)(Thread)

[info]temujin9
2008-08-31 08:31 pm UTC (link)
See my response to Heather, below.

(Reply to this) (Parent)

[info]temujin9
2008-08-31 08:31 pm UTC (link)
For web-browsing, it's generally just a matter of keeping an eye on the address (which should start with https:// instead of http://) and your browser's security icon (in Firefox 3, the lock icon in the lower right corner). Many sites provide the access over https that they do over http; adding that 's' to the beginning of the URL will often shift you to the encrypted side seamlessly. If given an option at login time, always pick the secure login; most sites should just give you https by default for login, but there's always some that are behind the curve.

Email is another (and unfortunately more complicated) ball of wax. This is the best newbie tutorial on GPG I could find. I'd love to write one myself, but my workload means that it'd be a while in coming.

I'm big on improving computer literacy wherever possible, and encryption's one of those areas people know little about. Let me know what questions come up.

(Reply to this) (Parent)(Thread)

[info]heatherthegreat
2008-09-01 02:13 pm UTC (link)
I asked gmail to use https and it's working. I didn't know about the secure login thing. I'll have to do that from now on. I am computer illiterate but I'm fantastic with applications. Go figure.

(Reply to this) (Parent)

(7 comments) - (Post a new comment)

Create an Account
Forgot your login or password?
Login w/ OpenID
English • Español • Deutsch • Русский…