Protecting your personal privacy

Slashdot it! Delicious Share on Facebook Tweet! Digg!
Luca Bertolli,

Luca Bertolli,

Of Apples and Smurfs

Your privacy is threatened left, right and center. And it is not only online criminals snooping on your data, but also meddling government agencies and unscrupulous companies. Either way, there are still things you can do to fight back.

Apple has been required by the Drug Enforcement Administration to unlock an encrypted iPhone 5 in a high-profile case being slogged out in court these days. The reasoning goes that, as long as Apple leases the software (i.e., the user is not the owner), the company is the one that should do the unlocking, even without the phone owner's consent or even knowledge. Although Apple resisted the order this time around, it has had few qualms in unlocking users' devices in the past.

According to Ed Snowden, Intel intentionally broke the random number generator on their chips at the behest of the NSA. Random numbers are used extensively in cryptography. The seemingly random, but actually predictable, stream of numbers generated by many Intel chips makes it easy for the security agency to de-encrypt messages that travel through the net.

Calls from Western governments to include backdoors in every and all applications "to fight cyberterrorism" will usher in a new age of defective-by-design software and 1984-esque snooping on civilians throughout the world. On a side note, you can always tell when this stuff comes from some clueless politician – just look for the "cyber" prefix they seem to tag on to everything.

There are more threats to your right to privacy out there, but the three listed above? Easily thwarted: just use Free Software.

Free Software licenses do not "lease" you the bits that make up a program. They explicitly give them to you. You are the owner. Not the distributor, not the developer. You. There is no higher authority any government agency can address when seeking to decrypt your device. Even if they did have a legal leg to stand on, and most times they don't, they won't be able to go behind your back.

Although GNU/Linux does use Intel's random number generator, it is combined with many other factors, such as environmental noise , which are random fluctuations of the mouse, movement of a disk header as it reads and writes to the hard drive, the current time, or even actual noise picked up from a microphone. Additionally, an entropy pool , a long string of numbers on a page from which you can pick random digits, help form your random number. Combining all these elements, Intel's RNG only makes Linux's random numbers… er… randomer.

As for backdoors, they make no sense in open source code. If a program is legally obliged to ship with a backdoor, it will be just a question of hours before the hole is plugged by independent developers. If a backdoor is introduced surreptitiously, it'll be found, and the responsible party publicly shamed and ostracized from the Free Software community. The project itself will be forked. And then the hole will be patched.

However, there are more threats to your personal privacy than the ones listed above. To thwart them, you may have to take some extra steps other than just using your regular Ubuntu install. That's why we are dedicating our cover story to personal security.

You will learn about two distros especially designed to ensure that your data and communications are safe. Kali is used to audit and stress-test your network. It can be run as a live USB and comes with a whole suite of tools to check an intranet for vulnerabilities.

As for Tails, it's not that it can be run as a live distro from an USB thumbdrive, it's that it was designed to work that way. Tails comes with all you need to ensure your privacy, including Tor-enabled browsers, strong cryptography for your emails, IM tools to encrypt your communications point-to-point, the works. And, when you unplug your USB drive with Tails from the computer, it leaves no trace behind, either on the hard disk or in memory.

You will also see how to generate steganographic images, that is, images that invisibly contain an embedded, secret message. And, you will learn the ins and outs of cryptography using Tomb along with how to isolate applications in virtual jails with Firejail and the Firetools GUI.

Keep safe.

Buy this article as PDF

Express-Checkout as PDF

Pages: 1

Price $0.99
(incl. VAT)

Buy Ubuntu User

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content