In previous posts I talked about the mass surveillance by the NSA and GCHQ, and also posted an excellent video that explains about the threat to privacy in the modern age on the internet. If you are worried about privacy on the internet then there are many tools out there that can help you. I thought I would list a few of them here. Some of the tools are free, and some are not.
Tor Browser Bundle
First up is the Tor Browser Bundle. This is a modified Firefox web browser that is aimed at making your web browsing anonymous. By this I mean that no one can trace what sites you are visiting. It does this by redirecting your browser traffic through thousands of other relays.
This does make your browsing experience a lot slower, but that’s the price you pay for anonymity. Here is their official blurb.
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.
Tails Linux Distribution
Next up is the Tails Linux Distribution. This is a version of the Linux operating system that has been made easy to run as a live disk from a USB stick or SD card. This means you can just pop it into a PC and book straight off of it. Tails also comes pre-installed with the Tor Browser bundle.
Here is the description from the Tails site.
Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly.
It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer’s original operating system.
GNPG is an free open source implementation of the popular OpenPGP standard. PGP is an encryption and key management scheme that allows you to safely encrypt and sign your data.
There is a commercial version of PGP available, but it is now owned by Symantec, and judging by previous example of their software it is most likely buggy and not very good as well as over priced. GnuPG is a better choice in my mind as it is open source and the code has been vetted by many developers around the world.
Here is the info from the GnuPG Site.
GnuPG is the GNU project’s complete and free implementation of the OpenPGP standard as defined by RFC4880. GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available.
If you want to ensure that all the files on your machine are safe from prying eyes, then you can encrypt you entire hard drive which means if your laptop gets stolen, you can be fairly safe that no one can access your files provided you have chosen a decent strength password. There are a number of tools out there for doing this both paid and free, but TrueCrypt is a tool that is highly regarded.
Here is the description from their site.
Main features are – Creates a virtual encrypted disk within a file and mounts it as a real disk. Encrypts an entire partition or storage device such as USB flash drive or hard drive. Encrypts a partition or drive where Windows is installed (pre-boot authentication). Encryption is automatic, real-time (on-the-fly) and transparent. Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted. Encryption can be hardware-accelerated on modern processors. Provides plausible deniability, in case an adversary forces you to reveal the password: Hidden volume (steganography) and hidden operating system.
SafePad is a tool I developed. It is a replacement for Note Pad in windows that uses strong AES Encryption to secure your documents. The strength is based on 2 passwords.Using these 2 passwords, your data is encrypted 3 times with AES256. This tool is free and open source. It is useful for storing password to other sites and any other sensitive information that you want to keep private. I am currently working on the next version of this tool.
Here is the main product description.
Safe Pad is a simple text editor with a difference. When you save your document strong encryption is used to protect your file. Safe Pad uses AES256 to triple encrypt your document. This triple encryption is based on the strength of 2 passwords giving you an effective key strength of 512bits.
Safe Pad is ideal for storing sensitive information that you do not want anyone else to be able to access, like passwords, credit card details, license keys, or any other secret information.
Safe Pad works like a standard text editor and allows you to do basic formatting and picture inserting just as you would do an any word processor. You can even paste information from programs like Microsoft Word.
If you want to make private voice and video calls from your mobile phone or tablet, and don’t want to rely on Skype (especially as it is reported that the security may be have weakened) then there are a number of options. The first one is Silent Circle. This is a secure voice communications system that relies on peer to peer encryption to protect your call privacy. This company is run by Phil Zimmermann who invented PGP. This is not a free product, but also it is not that expensive.
Here is the description from their site.
When a Silent Circle subscriber makes a phone call, sends a text or video chats with another Silent Circle member, that transmission is secured and encrypted end-to-end from their iPhone, Android device, iPad or Windows computer on our crystal-clear secure network.
Silent Phone subscribers can add Out-Circle Access for an additional monthly fee, to call people without a subscription in the US, Canada, or Puerto Rico. These calls are secured from the Silent Phone subscriber’s device to our servers, and are then routed via PSTN local carrier services to the non-Silent Circle device like any regular phone call.
There is another alternative to Silent Circle that you can use called Unseen.is. This is a similar to silent circle in that it will encrypt text, voice, and video.
Unseen.IS comes in 2 versions, a free version and a version that costs $49 a year. Here is the description from their site.
We offer secure and private communications for consumers and businesses. Our service replaces insecure applications like email and Skype® with a state-of-the-art web site, mobile apps and desktop clients that all work together to help you securely communicate wherever you are. Our powerful encryption combined with secure infrastructure will protect your valuable communications. We’re based in Iceland because they will protect your human rights with their very strong data privacy laws. Get started with a FREE account now.
Integral Crypto 197 Flash Drive with AES Hardware Encryption
The final tool I want to mention is a small piece of hardware. It is the Integral Crypto 197 Flash Drive with AES Hardware Encryption. This is a standard USB flash drive, but it allows you to encrypt the content with FIPS 197 compliant AES encryption. This tool is a must if you need to carry data around with you.
Here is the product Description
The Integral Crypto Drive offers AES 256-bit hardware encryption. FIPS 197 approved.;Military Level Security – AES 256 bit hardware encryption. Mandatory encryption of all files (100% privacy);FIPS 197 Approved – Certificate No. 1137 ;Secure Entry – Data cannot be accessed or removed without the correct high strength 6-16 character password;Brute-force Password Attack Protection – Data will be automatically erased after 6 failed access attempts and Drive reset;Personal ID Function (optional) – Contact details can be added so that Drive can be returned, whilst confidential data remains secure;Zero Footprint – No software installation required;Rugged Waterproof* Design – Steel inner casing and rubberised outer casing, designed to protect the data if dropped, crushed, submerged in water, or subjected to break-in;Easy To Use – Pre-loaded user interface in 24 languages.
You can buy these Flash Drives from Amazon.
I have covered a number of popular tools for helping you maintain privacy and anonymity on the internet. This isn’t an exhaustive list by any means. If there are some other privacy tools that you recommend, then please post links to them in the comments on this page and I will amend the post so that it becomes a useful resource and index of tools.