[AktiviX-discuss] Practical Security Advice for Campaigns and Activists
Chris
chris at aktivix.org
Mon Mar 21 15:26:46 UTC 2005
Hi
On Mon 21-Mar-2005 at 03:14:56PM +0000, Max Gastone wrote:
> >
> > Another aproach might be to use the cypto loopback
> > driver to automate this . This is not ppc specific
> > AFAICT.
> > http://www.ppcnerds.org/displayarticle186.html
>
> Not simple enough for the average user. If the front end
> is not properly designed then you end up with users
> making mistakes and thus having a false sense of
> security.
Yeah, I have done some research on crypted disks (but not
got as far as setting one up...) and what is really needed
(but is probably a year or so off) is the option to set
this up when installing a linux distro -- afaik no distro
offers this yet, perhaps Blag might be one of the first
though?
> > > > 2. Tor (http://tor.eff.org/) seems to be the best
> > > > way of anomomising web browsing these days.
>
> Tor looks quite interesting and sounds like it is adapting some of
> the interesting parts of Publius and P2P, but unless it too is
> encrypted right from the client end then it to will not protect
> against a direct line tap.
I does encypt all traffic as far as the last machine that
does the unencrypted http request, if you access sites
using https then it's even better. Also Tor can be used to
tunnel ssh and anything else through it.
Yes it is a bit slower but not so slow that it isn't
usable.
Installing isn't so hard, I think the next version of Blag
will come with it.
> More important that who is encrypting or signing emails
> to whom, is the fact of who is talking each other,
> analogous to when FIT teams photograph people on demos.
> Email allows them to build up networks which can be
> analysed for clearer pictures on the dynamics of the
> various protest movements.
This is where TLS comes in -- if people are accessing
riseup / aktivix in a secure way then all private email
between them will be encrypted the whole way with TLS,
sure the servers are potential weak points but riseup do
crypt their mail spool directories and I guess aktivix
will someday also...
Chris
--
Aktivix -- Free Software for a Free World
More information about the AktiviX-discuss
mailing list