Survivalism & Self Sufficiency Topics > Communications

The last days of secure end-to-end encryption?

<< < (3/4) > >>

fritz_monroe:

--- Quote from: FreeLancer on July 30, 2019, 06:32:36 PM ---
That's the problem with online security and privacy being a niche market.

--- End quote ---
Yep, there's quite a cost to it.  If I didn't have a kid in school and another one starting in 2 years, maybe I'd go for that. But I use Tracfone, so I buy unlocked phones and try to keep them under $200-ish.

Bradbn4:
For phones it is possible to slide load a new OS that was built by you to include various secure options.  At least that was possible a few years back when I looked at that subject.  So you can limit what is installed; where it is installed, etc.    I buy cell phones for use that are not locked so I have the ability to use what Cell network I chose (assuming the my hardware is compatible with their network).   My current phone is a google Pixel 3a, the low cost google phone.  For support for hacking the phone to get it to do what I want I would head over to https://forum.xda-developers.com/pixel-3a

For phones that don't want to just use cell phones for communication and their 10 year old laptop is pushing up daisies, a Raspberry Pi 4b might be worth looking at.
 
I have been testing a new version of the Raspberry PI 4B and have found that the new hardware upgrade performs fantastic...for a sub 40 dollar pico computer.  There is one known problem with compatibility with USB Type-C cables.  Also the device can be a bit of a power hog compared to older versions.  So the right power supply is needed.

The other problem is that the device dose run hot in the approved RP4B case.  No real worries for danger to hardware, the RBP4 will slow down during heat management.  A small fan / heat sink can be added to let the RB4B run longer at turbo speed.  So if you are looking for a computer than can do some simple word processing, surf the web; and watch you tube videos in low res, this might be an option.

So what has this to do with secure communications?  With a bit of work it is possible to tie two Raspberry PI computers over a normal network and secure your data transfers.  This hardware solution does not offer anything unique over running Linux on a laptop. Other than the fact that the hardware is dirt cheap and very small.   

The hardware small enough to use double sided tape to stick it to the back of your current monitor for use.   Versions of the RBP4 differ by the amount of ram that is installed.  (1, 2, and 4 gig models can be found, with the 4 gig models in short supply)

My current project is to see if I can use the RBP4B along with an old LCD display to provide access / control over 2 video security cameras.  In the past I have used various older Raspberry PI computers for NAS (network attached storage), print server, media server.    As a print server it worked fine, the old RBPi 2 was too slow to be used as a NAS controller, but it did work.   As a media server once the channel was locked in the quality of the output was fine.   ROKU and other dedicated devices have a better user interface and work better on streaming data sources.

ecuritysay ancay ebay oneday inyay anymay ifferentday aysway . otnay ustjay ithway ardwarehay .

"Security can be done in many different ways. Not just with hardware."




Mr. Bill:
More ranting against encrypted communications:

NPR, 2/21/20: Trump Administration Targets Your 'Warrant-Proof' Encrypted Messages


--- Quote ---...Republican senator and Trump ally Lindsey Graham recently floated legislation that would strip tech companies of their liability protection under Section 230 of the Communications Decency Act unless they comply with as-of-yet undefined "best practices."

Riana Pfefferkorn, at Stanford University's Center for Internet and Society, says it's a safe bet the best practices would include a requirement that law enforcement get access to encrypted content.

"The bill as it's drafted does a bizarre and alarming end run around normal legislative or even agency rule-making processes," Pfefferkorn says, giving the attorney general "the keys for deciding what rules apply on the Internet." ...

...the privacy activists also have a technological argument against making encrypted messages available to police: It would require companies to create a secret method for decrypting users' messages — a "back door," as some call it — which could end up being exploited by malicious hackers. ...

But law enforcement officials remain dubious that a secure back door can't be created for their warrant requests.

"To suggest that this is not possible, I just can't buy that," says [Darrin Jones, assistant director of the FBI's Information Technology Infrastructure Division]. ...
--- End quote ---

Jeez, it never ends.  Just quoting what I wrote previously:


--- Quote from: Mr. Bill on July 30, 2019, 02:58:24 PM ---...public key cryptography was proposed in 1874(!) and was developed into practical tools between 1973-1978.  The first version of PGP was released in 1991.  So Barr is complaining about "advances" that were literally made over 40 years ago.

--- End quote ---

Nobody can stop the use of strong encryption, they can only make it inconvenient (or illegal).

fritz_monroe:
Time to download strong encryption tools even if you never intend to use them.  I occasionally make use of them just because some are not all that user friendly.

What drives me nuts is the arrogance of these people.  They think that a backdoor is useful to police.  The only thing that a backdoor does is open it up for hackers to break into.  There's no such thing as a "secret method for decrypting"  Security professionals are always reacting to threats because the "bad guys" are finding new methods every day.

Mr. Bill:
What should have happened, 20 years ago, is encrypted e-mail becoming the normal way to send messages.

But the leading public key encryption software, PGP, was very nerdy to use, and the same is still true for its successor GnuPG (a.k.a. GPG).  And the other thing that happened was the growing popularity of webmail (and later, mail apps).  It's very convenient to have your messages stored on the server indefinitely, but the downside is that you're generally using a "dumb" interface (e.g. a web browser) rather than actual e-mail software that could encrypt and decrypt for you automatically.

Nowadays, it feels like we've got a couple generations of people raised to expect no privacy.  Warrantless searches at school, right?  Use GMail, it's free (in exchange for Google having access to the contents of your e-mail).  Pay for everything using a card, so the merchant and the bank can assemble a profile of your spending habits, but it's so much more convenient than cash.  Ugh.  And then once or twice a year, the media runs an outrage story, and everybody is outraged and demands government action, and then they all go back to Facebook Messenger and Alexa and their OnStar-equipped cars.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version