Back in 2013 I set out to decentralize and to end-to-end encrypt as much of my private communication as possible (see here how it all began and here for the overall history). It’s been the year of the Snowden revelations and I was (and still am) more than just a bit concerned. Since then I’ve … Continue reading Raising the Shields – Part 15b – Email Privacy!
According to public wisdom, the days when Skype was secure are long gone and I use my own instant messaging server to communicate securely when it comes to text messaging. When it comes to video calling, however, there are few alternatives at the moment that are as universal, as easy to use and with a … Continue reading Raising the Shields – Part 14: Skype Jumps Into My VPN Tunnel Despite The NAT
After all the mess with Heartbleed a few weeks ago and updating my servers I started thinking about the current state of security of my VPN gateway at home. So far, I've used a very old but rock solid Linksys WRT-54G with DD-WRT on it for providing Wi-Fi at home and VPN server functionality for … Continue reading Raising the Shields Part 14: Setting Up An OpenVPN Server With A Raspberry Pi
I do a lot of remote computing support for my family members and so far used VNC remote screen viewing over an unencrypted connection for the purpose. This is obviously far from perfect from a security point of view but until recently I didn't find anything that is more secure, as simple to use and … Continue reading Raising the Shields Part 13: Secure Remote VNC Desktop with a Raspberry Pi SSH Bridge
There we go, as recently reported, my eMail hosters now use Perfect Forward Secrecy (PFS) key negotiation to thwart mass surveillance. There is one more thing I'd like to have though, not from them, but from Mozilla and others working on eMail client programs such as Thunderbird: Warnings when SSL certificates change. While it's great … Continue reading Raising The Shields – Part 12: Why Do eMail Clients Not Have An Option To Show Certificate Changes?
One of the few positive outcomes of the ongoing spying scandal is that German email hosters have announced to improve security for email exchanged between them by introducing encryption. In addition, many of them have now upgraded their security for SMTP, POP and IMAP connectivity to their customers as well. When I recently run a … Continue reading Raising the Shields – Part 11: My Email Hoster uses Perfect Forward Secrecy Now
Apart from video telephony, eMail is one of the services I have to use without encryption and is thus a thorn in my quest for having as much privacy as possible online and to protect myself from the doings of surveillance states. I tried my luck with the Thunderbird GnuPG plugin but in practice there … Continue reading Raising the Shields – Part 10: The Darkmail Inititative
It's been a while since part 8 of this series on how I've improved protection of my privacy in the face of massive human rights violations against my freedom and privacy by a number of security organizations around the world as revealed by Edward Snowden. I've said good bye to public instant messaging providers and … Continue reading Raising the Shields – Part 9: Open Flanks And Security Agencies Acting Like an Auto-Immune Diesease
The next step in raising my shields against all sorts of three letter agencies spying on my data packets on the Internet has been to think about how I can protect myself better against spying on my instant messaging communication between my family members. In part one of this series I've already made the first … Continue reading Raising the Shields – Part 8: Prosody – My Own Instant Messaging Server For Family Communication
Most users today are very happy that web services recognize them when they come back to use a service over many weeks or even months as they don't have to identify themselves each time they visit a site. While this is undoubtedly convenient it creates a number of severe privacy issues: On sites like my … Continue reading Raising the Shields – Part 7: Auto-Delete Cookies When The Browser Closes