Encryption and Security FAQ revision 17
Anonymous
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Security and Encryption FAQ Revision 17
by Doctor Who
"No one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law against
such interference or attacks."
Article 12 Universal Declaration of Human Rights
Disclaimer and justification for this FAQ.
Many countries operate a legal system designed to suppress individual
freedom. Such countries often do not obey basic human rights. The
law in these countries may be based on guilty until proven innocent.
My intention in offering this FAQ, is to legally challenge these
threats to our freedom. It is not my intention to promote any illegal
act, but to offer people the option of freedom of choice. How they
use that freedom is entirely down to the individual.
This versin contains some major revisions, particularly on the choice of
encryption programs. DriveCrypt Plus version 2, whole disk/drive
encryption with access only by a pre-boot password is now the preferred
choice.
The FAQ has 2 main Sections.
Part 1 concentrates on passive security. It is intended to be useful to
both posters and lurkers.
Part 2 is to maximize your privacy whilst online, particularly for Email
and Usenet posting.
As in previous revisions, I have assumed three security levels:
Level 1. For those who wish to protect their files from unauthorized
access. These users are not too concerned at being found with encrypted
data on their computer.
Level 2. For those who not only wish to hide their private data, but
to hide the fact that they have such data. This might be an essential
requirement for anyone who lives in an inquisitorial police state where
human rights are dubious, or where there is no equivalent to the United
States 5th Amendment.
Level 3. For those who not only need all that is offered by level 2,
but additionally wish to protect themselves from hackers whilst online
and snoopers who may try and compromize either their software or add
substitute software that could compromize their privacy.
Part 1 explains the 3 security levels and offers help in achieving
them.
1. How does encryption work?
Essentially the plaintext is combined with a mathematical algorithm
(a set of rules for processing data) such that the original text
cannot be deduced from the output file, hence the data is now in
encrypted form. To enable the process to be secure, a key (called
the passphrase) is combined with this algorithm. Obviously the
process must be reversible, but only with the aid of the correct key.
Without the key, the process should be extremely difficult. The
mathematics of the encryption should be openly available for peer
review. At first sight this may appear to compromize the encryption,
but this is far from the case. Peer review ensures that there are no
"back doors" or crypto weaknesses within the program. Although the
algorithm is understood, it is the combination of its use with the
passphrase that ensures secrecy. Thus the passphrase is critical to
the security of the data.
2. I want my Hard Drive and my Email to be secure, how can I achieve
this?
You need Pretty Good Privacy (PGP) for your Email and DriveCrypt Plus
and/or BestCrypt for your hard drive encrypted files.
PGP is here: http://www.ipgpp.com/
DriveCrypt is here: http://www.drivecrypt.com
BestCrypt is here: http://www.jetico.com/
DriveCrypt Plus is Win2000/NT/XP compliant but not yet compliant with
Win98 or earlier. Version 1.0 had some bugs which all seem to have
been resolved in this new release.
BestCrypt is Win95/98/NT/2000/XP and Linux compatible.
3. What is the difference between these encryption Programs?
PGP uses a system of encryption called public key cryptography. Two
different keys are used. One key is secret and the other is made public.
Anybody sending you mail simply encrypts their message to you with your
public key. They can get this key either directly from you or from a
public key server. It is analogous to someone sending you a box and a
self locking padlock for you to send them secret papers, when only they
have the key to open the box.
The public key is obviously not secret - in fact it should be spread far
and wide so that anybody can find it if they wish to send you encrypted
Email. The easiest way to ensure this is by submitting it to a public
key server.
The only way to decrypt this incoming message is with your secret key.
It is impossible to decrypt using the same key as was used to encrypt
the message, your public key. Thus it is called asymmetrical
encryption. It is a one way system of encryption, requiring the
corresponding (secret) key to decrypt. PGP is simplicity itself to
install and use. It even offers to send your newly generated public
key to the key server.
For your normal hard drive encryption, you will need a symmetrical type
of encryption program. The same key is used for both encryption and
decryption. DriveCrypt and BestCrypt are of this type and especially
good because they are "On-The-Fly" (OTF) programs. This means that the
program will only decrypt on an as needed basis into RAM memory. More
about this later in the FAQ.
One question often asked by newbies is whether the passphrase is stored
somewhere within the encrypted file. No. The passphrase is passed
through a hash, such as SHA1. This is a one-way encryption. It is the
hash output that is stored within the encrypted container. The program
will compare this hash with the hash it produces from your passphrase
that you type in to mount (open) the container. If they are identical,
the program will use your passphrase to decrypt the key that the program
generated to encrypt the disk or container. Only then will the disk or
container be decipherable. It is impossible to derive this key unless
the correct passphrase is input. There are no shortcuts.
4. I have Windows, am I safe?
Definitely NOT.
In previous versions I have suggested work-arounds to help minimise
the inherent security weaknesses within the Windows operating system.
I have now concluded this is a sheer waste of time. Whatever you do,
Windows will tell the world. It keeps records of so much of your
activity it seems the only solution is the complete encryption of your
whole drive. Even using so-called washing programs, little is to be
gained. If security is important to you, there is only one solution:
encrypt your whole drive.
A program I recommend to test this out for yourself is WinHex. It
reads the whole of your drive and shows both the hexadecimal and the
text equivalent of each sector. It makes fascinating reading. You will
see snippets of long deleted or overwritten files, perhaps from the
Windows swapfile. Hints of text that will ensure any snooper could
accurately deduce your computer habits. In fact it can be used for
forensic analysis, as examples show in the help files. To be used to
write to disk and/or analysis full and specialist licenses are
required. The evaluation version is good enough to prove the
necessity of encryption - if you need any persuation.
WinHex is available here: http://www.winhex.com/winhex/order.html.
5. Which program do you recommend for this whole drive encryption?
DriveCrypt Plus. It is truly simple to install and use. One thing
to watch, however, is that you ensure that energy saving is disabled on
your computer whilst encryptin/decrypting. I had a major crash which
trashed my drive completely and only happened after I had enabled it. I
had allowed the drives to run down after 30 minutes. It may be a
coincidence, but since returning to "always on", there have been no
further problems despite many hours of encrypting and decrypting of
several (very) large drives.
All your computer activities will be totally secure as everything you
do is from within an encrypted drive.
If you live outside the United States and in a country which does not
have the equivalent of the 5th Amendment, you will need to use a little
subtlety to ensure your security. More on this later in the FAQ.
It is important to remember that DriveCrypt Plus is an OTF type of
program. The drive will remain encrypted at all times. Any necessary
decryption is done into RAM memory only. Thus a crash close will not
leave any evidence of your activities. Likewise, there is now no need
to worry about the swap file or all the other weaknesses of the Windows
operating system.
A further major advantage over previously recommended encryption
programs is that the passphrase is input at Bios level, before Windows
is loaded.
The importance of this is difficult to over-emphasise.
This means it is impossible for any key-logging program that may be on
your computer to detect your passphrase. Such programs are sometimes
picked up on the Net or arrive via Email and could circumvent all your
efforts at security. A Bios level passphrase is just about the Holy
Grail of security - very difficult to detect and snoop. DriveCrypt goes
even further by very deliberately operating at a reduced speed at the
passphrase prompt to ensure it is very time consuming for someone to try
and test for your passphrase. An excellent design indeed!
6. Are there other OTF programs?
Yes, there are several, but so far as I know only DriveCrypt Plus has
the unique advantage of whole drive security with Bios level input of
the passphrase. Others, such as ScramDisk and BestCrypt only encrypt
data files, not the Windows operating system. Scramdisk does allow you
to input the passphrase via its Red Screen mode which is far superior to
the BestCrypt one. BestCrypt only allows you to use some keyboard
filtering, the nature of which is not specified. However, BestCrypt
does have the unique advantage of a hidden container within the normal
encrypted one. This might be very important to someone who needs good
plausible deniability. See later in the FAQ.
7. How difficult is it to break one of these programs?
Very difficult, in fact for all practical purposes, it is considered
impossible. In most cases, the weakest link will be your passphrase.
Always make it long. Remember, every extra character you enter makes a
dictionary search for the right phrase twice as long. Ultimately, the
present version of DriveCrypt Plus limits your key length to 160 bits.
This is extremely strong indeed. The sun will burn out into a white
dwarf long before any snooper has cracked that length of key.
Each keyboard character roughly equates to 8 bits, and is represented
on the drive as two hexadecimal characters. This suggests a 20
character passphrase is equal strength to the encryption. In practice,
probably not. Few people can remember a truly random 20 character
passphrase. So most people use a less than random one. This means it
should be longer to help compensate for this lack of randomness.
It is also important to ensure you use at least part of both lines of
the passphrase input screen with DriveCrypt Plus.
8. Why?
Because any passphrase cracker cannot find the correct key until it
has exhausted a key search as wide as the last character you enter.
A strong hint that you should make sure the last character of your
passphrase is well along the bottom line! For higher security you
should spread it around on both lines.
This is a distinct security improvement over the usual straight line
entry that is typical of other programs, including BestCrypt.
Be sure that if any serious snooper wants to view your secret data,
they will find a way without wasting their time attempting a brute
force attack upon your DriveCrypt Plus container. In some countries
rubber hose cryptography may be the rule. Anybody living in such a
country needs level 2 security at the very least. In some "civilized"
countries there are more sinister methods, such as tempest or the use
of a trojan which require level 3 security (see later in FAQ).
Fortunately, tempest and trojan attacks are far less likely to succeed
against DriveCrypt Plus than all the other programs. Hence my strong
and enthusiastic support for this new program.
9. What about simple file by file encryption?
I like Kremlin. I have set it up to run in the background. It allows
you to shred files as well as encrypt/decrypt. It can be set via the
options menu to by default overwrite existing decrypted files, or to
wipe the plaintext file after it is encrypted. Very easy to use.
Kremlin is here: http://www.kremlinencrypt.com/
You could use the Windows version of PGP. It comes with PGP Tools,
which will allow you to encrypt any file on your computer. Of course
this is unneccessary for all files within your DriveCrypt Plus drive.
But you may need it for files outside this drive. Only do this on the
assumption of a level 1 security. I suspect the International version
offered by Kremlin is a crippled version to get around the export
restrictions of strong cryptography.
10. How do can I encrypt a floppy?
Use either Kremlin or PGP Tools. PGP Tools comes with PGP and will
encrypt any floppy. But ensure you wipe the original file before
closing.
11. Does using Encryption slow things up?
Negligibly on any modern computer.
12. Do I need a PGP passphrase if I store my keyrings within my
encrypted drive?
It is good security practice to use a passphrase, but for level 3
security it is essential because level 3 security is intended to ensure
your secret data are safe if attempts are made to hack into your
computer whilst online. Although DriveCrypt Plus is an OTF program I
am old fashioned and paranoid, so I strongly advise using a passphrase
for your PGP keyring.
13. I use Mac, OS2, Linux, (fill in your choice), what about me?
Use either BestCrypt, or
PGPDisk http://www.nai.com/default_pgp.asp, or
14. How can I ensure I do not leave traces of unwanted plaintext
files on my system?
In the past I suggested either Evidence Eliminator (what a compromising
name!) or Windows Washer. With DriveCrypt Plus this sort of program is
less necessary against a snooper than for protecting yourself whilst
surfing the Net. They will ensure your cookie files are cleaned up.
Windows Washer is here: http://www.webroot.com
Evidence Eliminator is here: www.evidence-eliminator.com
15. What programs do I put in my newly Encrypted Drive?
In previous versions of this FAQ I was wary that some programs might
write critical info to your C: drive. However, this is far less of a
security risk with it being encrypted. Nevertheless, for what it's
worth, here are my choices for these programs:
(A) Agent (or FreeAgent) for the newsreader.
Agent is here: http://www.forteinc.com
(B) For your Email I have 3 different recommendations:
i. Agent, as mentioned above
ii. Quicksilver, available here: http://quicksilver.skuz.net/
111. JBN2, here: Http://members.tripod.com/~l4795/jbn/index.html
Agent is simple and very easy to use. It can be used in conjunction
with a remote host server for posting anonymously (see later in FAQ).
Quicksilver is recommended for secure Email and Usenet posting. It
now also supports Nym creation. It is an excellent program for both
anonymous Email and posting anonymously to Usenet. It is still in beta
testing mode. Most importantly, Quicksilver is very easy to learn to
use. It uses the Mixmaster remailers for posting. These are considered
far more secure than the earlier Cypherpunk remailers.
JBN is very thorough, but more complicated than Quicksilver. This might
be the choice of the hardened enthusiast.
All three of these programs will also work with PGP. Agent will
require you to copy and paste, but the other two have built-in support
and work seamlessly with PGP. I particularly commend Quicksilver for
its intuitive ease of use. This makes NYM maintenance much simpler.
(C) For browsing use whatever you choose. I would however disable
Java or active-X.
I used to warn against using MS Explorer, but now the beast has been
tamed by encrypting your C: drive.
(D) Use ACDSee as your viewer. If you use the cache facility, make
certain that you set it up within your encrypted drive. This allows
easy previewing of thumbprints and click and zoom to examine image
quality. I prefer the earlier version 2.4. Less bloat.
ACDSee is here: http://go.acdnet.com
Two alternatives are:
Thumbs Plus, at http://www.cerious.com and
VuePro, at: http://www.hamrick.com
Each of these 3 programs has some advantage over the others. Choose
whichever best suits your needs.
(E) Many files are compressed. I recommend obtaining a copy of WinZip
from here: http://www.winzip.com. Or do a search for PKzip which is
freeware.
(F) Any person who browses the Net should ensure they have a good virus
detector. There are many to choose from, some are freeware, others are
shareware or commercial ware. I use Norton's only because it allows me
to update the virus list online. Useful and so easy.
(G) Get a firewall. I recommend Zonealarm.
Get it here: www.zonelabs.com/zonealarmnews.htm
Note: Just because your drive is encrypted does not relieve you of the
necessity of protecting yourself whilst online. So take care to cover
your tracks.
16. How do I do this?
Never surf naked. Always, always use a proxy. If you are not sure how
to go about this, an easy answer is to use The Anonymiser.
The Anonymiser is here: www.anonymiser.com
Well worth a visit. You can choose either to use the freebie version or
pay for something a little faster and more secure.
If you prefer to do it the hard way, try this link:
They have a listing of active proxies. But you will need to set it up
yourself. I find them too much bother and use the Anonymiser because
it suits my needs.
All of the above is sufficient for a level 1 security.
Level 2. This is for those who not only wish to hide their private
data, but wish to hide the fact that they have such data.
17. What more must I do to achieve level 2 Security?
For level 2, it is essential that you can show plausible deniability for
all files that might contain encrypted data. The purpose is to be able
to justify every file on your system. This section will help you to
achieve this higher level of security.
Obviously, if you have an encrypted drive C, it will be difficult on
the face of it, to justify. But there are ways and means around this.
18. How can I get around this problem?
First of all, you cannot hide the fact that you have an encrypted drive.
But it need not be your drive c:! This may sound like a contradiction
but hear me out.
You will need to be able to dual boot your computer. This means having
two entirely separate operating systems. They need not be different
types. You can choose to use, for example, two separate Windows 2000
Professional systems. Each would be on different partitions on your
hard drive. Or you could have two separate hard drives and use the
first partition on each. Whichever route you choose, the operating
systems must be set up by Windows to be dual bootable. It took me about
10 minutes of studying the Windows 2000 Pro manual to understand how to
install a dual boot system.
When you have it set up correctly, whichever drive you boot, will always
be set up by Windows to be your drive C. This ensures that when you are
using your encrypted drive, all swapfile data, etc, is always written to
that encrypted drive and not to any other drive. I recommend that the
default drive (the one Windows will choose without any input from you
after a time out delay) to be your plaintext drive.
An easy way to check which drive is which after you have booted is by
naming the volumes so that you can check from within "My Computer" that
the encrypted drive is in fact labelled drive C when you boot into it.
When you boot into the other drive, the encrypted drive will be labelled
drive D. After this one time check, I also recommend that you then
change the screen colors such that you will always know when you are in
the encrypted drive. For example, I always have my encrypted drive in
a strong green color, with my other drive in the normal default blue.
19. OK, I have dual booting, how does this help?
You use the first partition (the default) as a normal plaintext drive.
The second one is the one you will need to encrypt with DriveCrypt Plus.
You should also encrypt another partition if you wish, which need not be
bootable, which may contain non-compromising private data. But this must
be done using a different key. This is to possibly justify the presence
of DriveCrypt Plus on your system.
Before any encryption can be accomplished, it is mandatory that you first
check that DriveCrypt Plus is supported by your operating system. To do
this first install Boot Authenticity from the relevant screen in the
DriveCrypt Plus window. This is not the same thing as encrypting the
drive. You could choose to use Boot Authenticity alone as a very strong
boot sequence protection for your computer. But this would be using only
half of its capabilities.
Immediately after installing Boot Authenticity you must create an Emergency
Repair (ER) disk as recommended by the program. This is to ensure that if
it all turns sour and your computer cannot boot, you can restore your boot
table back to its original state.
Assuming everything works, next encrypt your chosen drive. It is very
important that this be done from within the drive itself because before
re-booting you must update your boot recovery (ER) disk. If it is done
from within drive C, DriveCrypt Plus will put this data onto the recovery
disk to ensure compatibility when you use the ER disk.
Important points to note:
a. By all means experiment but do ensure that when you go for real that
you have already created a key on a keyring within the encrypted drive.
b. and that you have already chosen youur most important passphrase.
c. this passphrase is totally unique and not being used for any other
purpose on your system.
This is the crunch, you must take some thought to what you are trying to
achieve. It is absolutely essential that this is a unique key, not being
used by your system for any other drive.
Now comes the tricky bit. You then boot into your normal plaintext
drive, which will of course become drive C and your encrypted drive will
become drive D. Now that your encrypted drive is shown other than drive
C, DriveCrypt will allow you to remove Boot Authenticity off your computer.
Next time you boot, no passphrase will be required and you will be shown
the two drives, but only one will be bootable. If you perversely attempt
to boot into your encrypted drive, Windows will tell you it cannot find
the file NTDLR or similar.
To access your encrypted drive, you must use the ER disk. What is
considered by DriveCrypt Plus as a last resort access to your computer
instead becomes your secret key to access your encrypted drive.
Test this works by booting into the encrypted drive. If all is well you
can either delete that key or at the least hide it away on the encrypted
drive. It is imperative that this key be invisible from within your
plaintext drive. If it is visible DriveCrypt Plus will display the key ID
of your encrypted drive and the snoops will be able to persuade you that
as the key is present, no excuses about forgotten passphrases will wash.
However, no key will pose a problem for them. No key means no access.
When booting with the ER disk, naturally if the wrong passphrase is used
you cannot boot. With the right passphrase you are offered the choice of
both drives and can boot into either drive.
It is essential that your keyring, as displayed when booting into your
normal drive does not display the encrypted drive's key. This cannot be
over-emphasised.
20. Why?
If a key is available DriveCrypt Plus will reveal the key fingerprint of
that drive. If no key is available then it is axiomatic that it will be
impossible to decrypt that drive.
True, some bright spark may try testing each of your disks to check if
any are ER disks, fine, just make certain you have several available!
The more you have, all generated for experimental purposes, of course,
the more difficult to isolate the correct one, if one exists at all. It
is impossible to prove that any one of those disks is the correct one to
allow booting into that encrypted drive. The only way would be by
correctly guessing your passphrase. No information resides on the ER
disk to help identify its purpose. Even WinHex cannot read it. Windows
tell syou it is unformatted, of course.
In some countries, the United Kingdom is one such, LEA can force you to
reveal the contents of any encrypted drive on pain of up to two years in
prison. No 5th Amendment there! Worse, far worse, you cannot tell the
world of your plight on pain of five years in prison. This is about the
same level of human rights as is exercised by the government in Zimbabwe!
But if no matching key can be identified on your keyring and the
passphrase you supply cannot open the encrypted drive, but does show some
other encrypted drive to prove it is a genuine passphrase, then they now
have to prove you are lying. With full cooperation from you regarding
the other drive(s), they certainly cannot claim you are being obdurate.
Your defence is you encrypted the drive as an experiment and stupidly
deleted the key. You are still learning how to use the program, so
mistakes will be made. Never mind, you intend re-formatting the drive
when you eventually get around to it. Windows will offer to do this if
you click on it from within the "My Computer" screen.
By using a benign floppy, perhaps one that looks as if it has seen better
days, it will be far less obviously a target.
With the key destroyed and no ER floppy I am sure SecureStar, the owners
of DriveCrypt Plus, will be happy to confirm that it is impossible to
recover the data.
21. What if encryption is illegal in my country?
In that case, I suggest using the stego feature of either DriveCrypt or
Scramdisk. But ensure you create your own WAV file, by making your own
recording. Once the stego encrypted file is created within the WAV file,
make sure to wipe the original recording to prevent forensic analysis
showing their low level data are not identical. Of course, you will need
to install DriveCrypt or Scramdisk in traveller mode. This means running
it off a floppy. But you will still need to hide the floppy effectively
in the case of a search. I am sorry I cannot help you here. It must be
down to your own initiative.
Note the difference between this scenario and the previous one using a
boot floppy. The DriveCrypt/Scramdisk floppy will plainly display the
program, but an ER disk does not.
22. Are there any other precautions I should take?
Make copies of all your PGP keys, a text file of all your passwords and
program registration codes, copies of INI files for critical programs,
secret Bank Account numbers and anything else that is so critical your
life would be inconvenienced if it were lost. These individual files
should all be stored in a folder called "Safe" on your encrypted drive.
The above is sufficient for Level 2 security.
23. I need Level 3 Security, how do I achieve this?
This is for those who wish to protect themselves from hackers whilst
online and snoopers who may try and compromise either their software or
add substitute software that could reveal their secret passphrases.
24. What are these threats?
They are known as Tempest and Trojan attacks.
25. What is a Tempest attack?
Tempest is an acronym for Transient ElectroMagnetic Pulse Emanation
Surveillance. This is the science of monitoring at a distance
electronic signals carried on wires or displayed on a monitor. Although
of only slight significance to the average user, it is of enormous
importance to serious cryptography snoopers. To minimise a tempest
attack you should screen all the cables between your computer and your
accessories, particularly your monitor. A non CRT monitor screen such
as those used by laptops offers a considerable reduction in radiated
emissions and is recommended.
26. I have decided to use DriveCrypt Plus, am I at risk?
Far less than if you were using any other program. But do not use the
same passphrase to open any other encrypted partitions after you have
loaded Windows. Keep your boot passphrase totally unique and you will
be far safer than if using any other program.
27. What about BestCrypt??
It does not offer the same facility, but it does offer some protection.
On the Menu bar, click on Key Generators -> SHA-1.. and ensure "Use
Keyboard Filter" is checked.
28. What is a Trojan?
A trojan (from the Greek Trojan Horse), is a hidden program that
monitors your key-strokes and then either copies them to a secret
folder for later recovery or ftp's them to a server when you next go
online. This may be done without your knowledge. Such a trojan may
be secretly placed on your computer or picked up on your travels on the
Net. It might be sent by someone hacking into your computer whilst you
are online.
The United States Government has openly admitted it will be employing
such techniques. They call it Magic Lantern. It was originally
promulgated as a counter-terrorism weapon. But who knows how it will
be used in practice.
In view of these changed tactics, it is mandatory that these possible
attacks be countered. Thus my insistence that only DriveCrypt Plus
can give the level of security to ensure you some peace of mind.
Nevertheless, whilst your encrypted drive is mounted you should take
precautions against a trojan copying any data and sending it out to
some unknown site.
29. How do I do this?
First of all you must have a truly effective firewall. It is not
sufficient for a firewall to simply monitor downloaded data, but to
also monitor all attempts by programs within your computer that may try
and send data out. The only firewall that I know of that ensures total
protection against such attacks is Zonealarm. This firewall very
cleverly makes an encrypted hash of each program to ensure that a
re-named or modified version of a previously acceptable program cannot
squeeze through and "phone home".
ZoneAlarm is here: www.zonelabs.com/zonealarmnews.htm
To understand how important this is, visit Steve Gibson's site.
Steve's site: http://grc.com/
Go to the "Test my Shields" and "Probe my Ports" pages.
You can test ZoneAlarm for yourself. I strongly urge all users
concerned with their privacy to run this test.
30. How will I know when a trojan has modified an acceptable program?
Zonealarm will pop up a screen asking if this program is allowed to
access the Net. If it is one of your regular programs, be very wary
and always initially say NO until you can check why this program is not
now acceptable to Zonealarm. If it is a strange program, then obviously
say, NO and investigate.
31. How important is the passphrase?
Critically important. It is almost certainly the weakest link in the
encryption chain with most home/amateur users. I provide links at the
end of the FAQ, some of these should either help directly or give
further links about how to create an effective passphrase.
For the newbies: never choose a single word, no matter how unusual you
think it is. A passphrase must be that, a phrase, a series of words,
characters and punctuation intermixed. One method that I believe would
help is to deliberately mis-spell common words in a phrase. Scruggle in
place of struggle, matrificent in place of magnificent. These could be
the start of a longer phrase. Taking this a step further, invent words
that are pronounceable but totally meaningless. I recommend a minimum
of eight words.
32. How can I prevent someone using my computer when I am away?
In the past I had no truly effective answer, but if you are using
DriveCrypt Plus, you have nothing to fear. Nobody accessing you computer
will have any access to your encrypted drive in your absence.
33. Anything else?
Use a Bios password. Although it can be bypassed by resetting the
Bios, the fact it has been reset should be obvious by either there not
being a call for the Bios password on boot or it is different and you
cannot then startup. Also, ensure you have set a Windows startup
password and a screen-saver password. Make a short cut on your desk top
to the screen saver, then open its properties box and put in a single
key short cut.
This ensures you have the option of single keystroke blanking of your
screen in an emergency
.......................................................................
Part 2 of 2.
This second part concentrates on security whilst online.
There are countless reasons why someone may need the reassurance of
anonymity. The most obvious is as a protection against an over-bearing
Government. Many people reside in countries where human rights are
dubious and they need anonymity to raise public awareness and publish
these abuses to the world at large. This part 2 is for those people
and for the many others who can help by creating smoke.
34. I subscribe to various news groups and receive Email that I want to
keep private, am I safe?
Whilst you are online anyone could be monitoring your account. If you
live in the British Isles be aware that all ISP's are required to keep
logs of your online activities, including which Web sites you visit.
Shortly this will be reinforced by MI5 who will be monitoring all Net
activity 24 hours per day! The information will be archived eventually
for up to seven years!
The British Labour Government claim this Act is misunderstood and that
it will only be used against serious criminals.
You trust them? Then perhaps you believe in fairies too.
35. Can anything be done to prevent my ISP (or the authorities) doing
this?
There are several things you can do. First of all subscribe anonymously
to an independent News Provider. Avoid using the default news provided
by your ISP. Apart from usually only containing a small fraction of all
the newsgroups and articles that are posted daily, your ISP is probably
logging all the groups you subscribe to. You also need to protect
yourself from snoopers whilst online. Both of these aims can be realized
by encrypting the data-stream between your desktop and a remote host
server.
This host should preferably be sited in a different State or country to
your own.
36. I live in the United States why do I need to bother?
You don't need to. But your privacy and security are enhanced if you
do, particularly if you wish to ensure best possible privacy of posting
to Usenet. Also, it is quite likely that many routes around the globe,
even across the States may be routed through London. The Web is
literally just that, a web. Thus American Email, news postings, etc are
just as liable to be read by MI5 and who knows what they will do with
this information. As many businesses exchange Email with total ignorance
about security, these important messages are going to be read by various
snoops. With critical business decisions relying on secrecy, who knows
what use will be made of this information.
Perhaps that is part of the hidden agenda for all this effort.
37. Ok, you've convinced me, how do I go about this?
You must use the SSH encryption protocol. SSH is a form of encryption
that ensures that everything that leaves your desktop is encrypted. To
do this you will need to subscribe to at least one, but preferably 2
remote servers.
One of these services is run by Anonymizer.com. Their site will explain
how to download and use their recommended program F-Secure version 5.
There are several other commercial versions of SSH, including a freebie
version, but I prefer the Anonymizer recommended commercial version for
its ease of use.
I believe there is little or no logging of these connections, unlike
other services, such as Usenet postings. Hence the value of this extra
level of security.
38. How does F-Secure work?
F-Secure uses a program called SSH. SSH uses a protocol called port
forwarding. This means that it tunnels the necessary ports for Web
browsing (port 80), Email send and receive (ports 25 and 110), Usenet
(port 119) through an encrypted tunnel (port 22). Any adversary
attempting to read your data passing in either direction can only know
that a, it is encrypted and b, it is passing through port 22 on your
computer. They cannot even determine whether your Web browsing or
sending Email.
Note: This is not strictly true. I have heard a spokesman for the
British Government claim that even encrypted traffic can give
information of the type of traffic being passed. But the big idea is
that they cannot read that traffic!
The method is simple but very secure. Your desktop SSH program (called
the client) asks for a connection to the remote host server. The host
replies with its DSA public key. Your desktop checks this key against
previous connections and alerts you if it is different, which might
suggest someone was intercepting your traffic. Your desktop has
meanwhile generated a random session key which is never shown to you.
The host's public key is used to encrypt this session key. The host
is able to decrypt it using its secret key. Now using the session key
to encrypt everything that passes between you and the host, it will ask
you for your user id and password. After logging on, all further data
are exchanged encrypted with the session key.
Each time you start the program prior to logging on, a new session key
will be generated.
39. Where does the data go after passing through the remote host?
It then goes out onto the Web or to the News Provider totally
anonymously. All your postings and downloads will always be totally
private.
40. Is the data encrypted after it leaves the remote server?
Not unless you are using an additional remote host. If you are
careful and limit your time online to say a 1 hour limit, breaking off
and re-connecting you will always generate a new session key. This
will make hacking attempts far more difficult.
41. How do I get onto Usenet?
You must subscribe anonymously to a dedicated and independent news
provider such as AstraWeb or Newsfeeds. You will need to modify Agent
to ensure it routes data through the encrypted connection.
I recommend AstaWeb as they offer a freebie service limited to just 50Mb
per day, plus an anonymous signup facility. They also claim that they
can never know your Credit Card details if you choose to sign up in the
conventional way. But I would urge you to choose to take advantage of
their anonynmous signup facility for total peace of mind.
Here is what they told a colleague:
"Yes, you can signup anonymously by sending a money order. However, we
only accept money orders for yearly subscriptions. We do not require for
you to provide your full details if you signup with a money order (no
name, address etc). We only require your email address.
With regards to privacy, our users' details are kept discreetly.
We do not provide them to any third party for any reason whatsoever.
Further, if you pay via credit card we do not even store your credit card
details, these are stored anonymously by our credit card processor (it is
stored anonymously as each user is assigned an order number and referred
to by that order number only). Overall, your privacy is well assured when
signing up with us.
Our postal address is:
Astra Labs Limited
80 Raffles Place
#16-20 UOB Plaza 2
Singapore
048624
IMPORTANT: all cheques/money orders should be made payable to
"Astra Labs Limited" "
Remember not to give out your true Email address. Instead offer them
the Email given you by the Anonymiser when you signed up with them
anonymously, of course.
42. OK, I've signed up, how do I configure Agent to work with SSH?
Go to Options -> User and System Profile -> System and put "localhost"
in the line for News Server and again for Email Server. Click OK.
Go to Options -> User and System Profile -> User and under News Server
Login, put your given username and your password. Check "Login with a
Username and Password" and "Remember Password between sessions". Click
OK.
43. How strong (safe) is this SSH encryption?
Very strong and safe. You may have a choice of algorithms, or You will
have to use whatever algorithms are supported by the host server. 3DES
is a popular choice.
44. Should I run these encrypted programs from within my encrypted
drive?
Yes, provided you are using dual boot with DriveCrypt Plus.
45. Can I post graphics anonymously to Usenet with this system?
Absolutely. If you choose to use Agent, it will always use your News
Provider as the posting host. This is why I recommended you subscribe
anonymously to this news provider. Nothing can then be traced back.
Perhaps that is an exaggeration. But it would be very time consuming
and expensive and problematic. I believe that no logs are kept by the
host servers of these connections, suggesting a major problem for
anybody trying to do a trace. It could be that unless you are a
suspected henchman of Osama Bin Laden, you would not be worth the bother.
If you use Quicksilver it will always use one of the mail2news gateways.
These are intended to be hard anonymous, but it does not yet support the
SSH option. Attempts to put "localhost" into the proxy settings causes
an error on my system. Despite this, Quicksilver is the more secure
method of sending and receiving Email and for posting to Usenet, provided
several chains of remailers are chosen. But the remailer network does
not readily accept large files, such as graphics. This need not be a
significant problem as you can use Agent, provided all the other measures
have been strictly adhered to.
46. Why Quicksilver, what about Private Idaho or Jack B. Nymble?
I found Private Idaho far too buggy and not as intuitive as Quicksilver.
I have also used Jack B. Nymble. It is very sophisticated, but I prefer
the elegant simplicity of Quicksilver. This is my choice, others are
free to assess the alternatives and choose accordingly.
47. Is there another, simpler way?
Email can be sent (and received) by Yahoo or Hotmail. But I treat these
as soft anonymous. Don't use them for anything critical unless you can
access them via the Anonymiser.
There are also several freebie remote hosts. My experiences suggest
they are less reliable and frequently down. By all means experiment and
use whatever suits you best.
48. Are there any other suggestions?
Immediately you finish a posting session, break the connection. Close
F-Secure. This ensures new session keys are generated when you log in
again over the new link. Never stay online whilst posting for longer
than 1 hour maximum.
Always post at different times, do not create a regular pattern of
postings at specific times and days of the week. If possible, use
different ISP's to log onto the Net. By all memans use a freebie ISP
if available in your area. Be aware that these freebies invariably log
your telephone number and connection times. But then so do the others
to a varying extent.
49. Surely all this is totally over the top for the majority of users?
It is certainly over the top for 99 per cent of users for 99 per cent of
the time. If, however, you are the one in a hundredth and you do not
much like the idea of being at risk for 1 per cent of the time, then no,
it is not over the top at all.
In any case, using these tactics helps create smoke which in turn helps
protect those who really do need all the protection and security they
can get.
Remember this FAQ is intended to help many different people. Some may
be living in deprived conditions, in countries where human rights abuses
are a daily fact of life.
50. Can I use IRC/ICQ/Yahoo/MSM in this way?
No. But you can use a program called Trillian to encrypt text messaging
only at present. It is beta software and does not yet support voice or
file transfer. It is free for personal use. I have used it and it
appears to do all they claim for it. Both parties need to be using
Trillian for the encryption to be effective. You can use it as a stand
alone, but it will not then support encryption.
Trillian is here: http://www.trillian.cc
51. Can I be anonymous as far as other Web sites are concerned?
Yes, just set up MSIE or Netscape to use your remote host as a proxy.
52. Lastly, what do you say to the charge that this FAQ may be useful
to criminals?
I did take time to have a re-think after the events of 9/11. However,
on balance I believe it is still the right thing to do. Like gun
control, if we ban weapons only the police and criminals will have them.
Banning encryption or anonymity is not going to make criminals stop
using encryption and attempting to be anonymous.
It is almost laughable for anyone to be so naive as to believe that
passing any law would make the least difference to a terrorist.
I still believe that the individual should be allowed to choose, not the
Government on his behalf.
Who benefits the most if Governments are allowed to reduce our freedom
of choice? The Government or us?
Those that give up a little freedom to gain a little security will lose
both.
Therefore:
a. always use encryption, whatever else you do.
b. always post via your encrypted and anonymous remote host to your
anonymouly subscribed News Provider.
c. never ask of anyone nor give anyone online, your true Email
address.
d. never DL any file with .exe, .com or .bat extension from a dubious
source. If you do, don't run it.
e. for your own protection, never offer to trade any illegal material,
nor ever respond to those seeking it, even anonymously.
....................................................
My key fingerprint: F463 7DCB C8BD 1924 F34B 8171 C958 C5BB
My user id: 0x14A606A7
- - - - - - - - - - - - - - - - - - - -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 6.0.2ckt
mQENAza3VwsAAAEIAJoghtgM5IW0CmQOocBDJPUSDAlkaPkP4LVN/6I6U1qYXYSX
slRiXL6R8/L5LiYGjc8+jkK0MbpTh7W4WiT35L31kX2EU/MSNlpawvpwTvaye8cz
Kbwupsi7qtxVEETM11ucSuxtG8ShOwiYrMUqOmP93hf9h78gNzD/qGOYGV994Adt
MHRZ4lPlQnknxoDszHxCDcS83jlo4mD1xhuvLQ1thXFkGBl9Bw/lSWDxcu0gssZB
necFTSkFtJbnu3gHp6DVE9CO/ZxhXDGHAmC/jLfB5QH59Zbbw4fFgQ7tw2gUAgiS
kvv0RS55TB9n7JiDwc+Mk0OlYavdZOh5cRSmBqcABRG0JURvY3RvciBXaG8gPGRv
Y3Rvcl93aG9AbnltLmFsaWFzLm5ldD6JARUDBRA2t1cLZOh5cRSmBqcBAb87B/46
wEezqswaPz8NIA0/XYULXPKse11aCgRL7MIQPO1CRdqjbFnWi1wU2AnAkCtCLia+
lhulNrLJxMUvHgOQc4oC+nlUntBE9f8hHg0VwvQJ/4kO29UeVf0iwr+drZjRJooR
oR1C1UDDr199eeKJ3+m2pO7j1DBxv4tWQAYsJmZQQqlNRLzsmHJyTI/ZN03UREAZ
Qr4k6EjD1lScWg9MfueITgiMdbeV3MmCpf7mnlahvlN/S31CeEfoY2OpcRYVXNQb
it9N8cPM+2KZEdl/FW7yVPgd6BCGFFgPcRiqLC7c1F6qBPUpbdYf/pvd3/lhRJR9
IY35xfmdHWM8Rk+ivIPD
=0l2S
- - - - - - - - - - - - - - - - - - - -----END PGP PUBLIC KEY BLOCK-----
......................................................................
This ends the FAQ.
The following are inks which might prove helpful:
Items specifically mentioned or recommended in the FAQ:
PGP: http://freepages.computers.rootsweb.com/~irfaiad/
DriveCrypt Plus: http://www.drivecrypt.com
BestCrypt: http://www.jetico.com/
Kremlin: http://www.winhex.com/winhex/order.html
WinHex: http://www.winhex.com/winhex/order.html.
Windows Washer: http://www.webroot.com
Evidence Eliminator: www.evidence-eliminator.com
Agent: http://www.forteinc.com
ACDSee: http://www.acdsystems.com/english/products/acdsee/index
Thumbs Plus: http://www.cerious.com
VuePro: http://www.hamrick.com
WinZip: http://www.winzip.com
Zonealarm: www.zonelabs.com/zonealarmnews.htm
Steve's site: http://grc.com/
Quicksilver, available here: http://quicksilver.skuz.net/
Jack B. Nymble: http://www.skuz.net/potatoware/jbn/index.html
Anonymizer: http://www.anonymizer.com
A Proxy site listing: http://www.samair.ru/proxy/
F-Secure: http://www.f-secure.com/
Scorch and Scour: http://www.bonaventura.free-online.co.uk/
Trillian: www.trillian.cc
Mixmaster (required by Quicksilver and Jack B. Nymble):
Download site: http://www.thur.de/ulf/mix/
(comes with Quicksilver anyway)
Nym remailers:
nym.alias.net, home page: http://www.lcs.mit.edu/research/anonymous.html
Anon.efga.org, home page: http://anon.efga.org/
In case you need convincing:
http://www.gn.apc.org/duncan/stoa_cover.htm
Useful programs:
Partition Magic: http://www.powerquest.com/
Some anonymity sites:
http://www.worldnet-news.com/software.htm
http://www.skuz.net/potatoware/index.html
http://www.skuz.net/potatoware/jbn/index.html
http://freeyellow.com/members3/fantan/pgp.html
http://www.all-nettools.com/privacy/
http://www.geocities.com/CapeCanaveral/3969/gotcha.html
http://www.junkbusters.com/ht/en/links.html
http://www.skuz.net/potatoware/privacy.txt
Other additional useful sites:
Beginner's Guide to PGP:
http://www.stack.nl/~galactus/remailers/bg2pgp.txt
PGP for beginners: http://axion.physics.ubc.ca/pgp-begin.html#index
FAQ for PGP Dummies: http://www.skuz.net/pgp4dummies/
The PGP FAQ: http://www.cryptography.org/getpgp.txt
The SSH home page: http://www.ssh.com/products/ssh/
Anonymous Posting: http://www.skuz.net/Thanatop/contents.htm
Anonymity Info: http://www.dnai.com/~wussery/pgp.html
Nym Creation: http://www.stack.nl/~galactus/remailers/nym.html
General info: http://www.stack.nl/~galactus/remailers/index-pgp.html
........................................................
Version 17
-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/
iQEVAwUBPiQL/WToeXEUpganAQI+agf9Euo5HbVeAa+x/GgPo5HDHb75KQple6AC
d4CNjtpV6jBRW+KV+yvOw+v/lH3BmfPdq7lJTtYmmkKswsu++bXZC/j+a/SX+pkr
MfyadSLXOKQbNMMIUZjjfy2CPSgZXvVIaPgVy1eYWs5j24zFPJtQzlgTO/puczDZ
TdSBVzrpxvDvFCgUhm9J29bjnSGKPzvvpCZLG3G3abjQA4hGdP94rHLiHlcZLHPO
8tNt7Ds+uBBKXn9B1wlJFnhDGcPMoIv+wNMA5b+nfOsgafxLOy7YGUqjknBIIn6/
GDEyqPMrV7Hr2JFpBs3YXSRae/ZFV7MaAw2Tvfdhe+Bz51uaxWwt9w==
=pIlk
-----END PGP SIGNATURE-----