TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      ANC puts spectrum trading firmly back on the table

      25 May 2022

      Reunert hikes dividend in tough market

      25 May 2022

      Everything PC S01E03 – ‘The story of Intel – part 1’

      25 May 2022

      Management shake-up at TymeBank – including a new CEO

      24 May 2022

      Standard Bank CEO apologises for weekend downtime

      24 May 2022
    • World

      Big Tech’s latest dive snuffs out hopes the worst is over

      25 May 2022

      iPhone 14 development schedule delayed by China lockdowns: report

      25 May 2022

      Tesla shares continue to plunge

      25 May 2022

      Terra collapse triggers $83-billion DeFi slump

      24 May 2022

      Zuckerberg sued in personal capacity over Cambridge Analytica

      24 May 2022
    • In-depth

      Bernie Fanaroff – the scientist who put African astronomy on the map

      23 May 2022

      Chip giant ASML places big bets on a tiny future

      20 May 2022

      Elon Musk is becoming like Henry Ford – and that’s not a good thing

      17 May 2022

      Stablecoins wend wobbly way into the unknown

      17 May 2022

      The standard model of particle physics may be broken

      11 May 2022
    • Podcasts

      The rewarding and lucrative careers to be had in infosec

      23 May 2022

      Dean Broadley on why product design at Yoco is an evolving art

      18 May 2022

      Everything PC S01E02 – ‘AMD: Ryzen from the dead – part 2’

      17 May 2022

      Everything PC S01E01 – ‘AMD: Ryzen from the dead – part 1’

      10 May 2022

      Llew Claasen on how exchange controls are harming SA tech start-ups

      2 May 2022
    • Opinion

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022

      Cash is still king … but not for much longer

      31 March 2022

      Icasa on the role of TV white spaces and dynamic spectrum access

      31 March 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»In-depth»How to turn the tables on Big Brother

    How to turn the tables on Big Brother

    In-depth By Regardt van der Berg10 June 2014
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    security-640

    Last week, Vodafone, the world’s second largest mobile operator, made startling revelations about secret wiretaps that allow government agencies to listen into and record live telephone conversations.

    These revelations come a year after American whistleblower Edward Snowden revealed the extent of US and UK government surveillance of electronic networks, of how those countries’ intelligence agencies scoop up the world’s communication in the name of defeating terrorism.

    The Internet is basically made up of millions of computers and servers. It should not come as much of a surprise that there are vulnerabilities. Unscrupulous individuals and groups, and now governments, use this to tap into private data.

    Many of these vulnerabilities are used by hackers to breach secure systems. They do so by gaining access, often using malicious software.

    “Absolutely, you should be very concerned,” says Dominic White, chief technology officer at information security firm SensePost about the implications of government surveillance on citizens.

    Edward Snowden
    Edward Snowden

    His advice is simple: if you have information that could be life threatening, or if you are worried about information getting out, do not share it online.

    In 2013, Snowden brought to light a series of global surveillance programmes which showed that America’s National Security Agency (NSA) and Britain’s equivalent, GCHQ, were harvesting and storing the communications of millions of ordinary people as well as political leaders around the world.

    Snowden’s leaks showed that billions of e-mails, text messages, phone calls, credit records and even webcam recordings were collected.

    White says that the most worrying information to come from Snowden’s leaks is the exposure of global dragnet surveillance — the complete capture and archiving of people’s communications. The data that was captured was not only from US citizens, with the NSA placing emphasis on capturing the data of non-US citizens. “That’s pretty scary,” says White.

    He says that Vodafone’s recent wiretapping revelations “don’t mean anything new”.

    “We know telcos cooperate with law enforcement agencies. This is just a display of scale. That said, Vodafone had no results for South Africa, so we’re no more illuminated as a country.”

    White says people should take greater precautions online to protect their personal information and safeguard their privacy.

    He has many suggestions about how Internet users can shore up their defences and ensure their communication is not intercepted.

    The first step is to “recognise that the tools you employ need to be appropriate for the threat you are facing”, he says. “If you are worried about the random distribution of your e-mail, or the dragnet surveillance of your data, it is a different threat to being actively targeted by intelligence services.”

    True privacy against an advanced attacker is difficult, White says. “A lot of people confuse the difference between secrecy and privacy.”

    He says users interested in knowing just how their data can be used should visit Don’t Track Us. This website shows how users’ search data could work against them when privacy is ignored and their data is sold. It shows how “innocent” search data can be used to profile and ultimately prejudice people.

    E-mail
    In order for e-mail to travel securely over the Internet, the message needs to be encrypted at both ends. Transport Layer Security (TLS) is a protocol that encrypts and delivers e-mail securely. However, if the recipient’s server does not use TLS, the message is left open for potential snooping.

    The Transparency Report is a website that Google uses to show the data that sheds light on on how laws and policies affect Internet users and the flow of information online.

    The report highlights, among other things, that many e-mail providers do not encrypt messages when they are in transit, leaving them open to interception. Google says this is changing slowly as service providers enable TLS on their networks.

    About 65% of messages sent by Gmail users are encrypted during delivery, meaning that the other 35% of encrypted messages are received unencrypted as the recipient’s mail server does not support encryption. Of the messages received, 50% of Gmail’s inbound traffic has encryption enabled.

    camera-640

    Google recently announced End-to-End, an extension for its Chrome Web browser. When it is released in a few months’ time, it will help users encrypt, decrypt, digitally sign and verify signed messages using OpenPGP. This has traditionally been reserved for tech-savvy users, but Google hopes to make the technology accessible and easy to use.

    “The problem with PGP (Pretty Good Privacy), the current decryption program used by most e-mail platforms, is that it is difficult to manage over time. You have to be cognisant that it’s not a transparent encryption technology,” says White. “Google End-to-End is not a particularly new idea, but it is interesting to see Google pushing it.”

    There is another promising solution called Dark Mail which was announced late last year, says White. Dark Mail is being developed by Silent Circle and Lavabit, the secure e-mail service which closed its doors rather than hand over government-requested privacy keys to its users’ e-mail. The two companies are pioneers in the encrypted communications industry. Dark Mail, which has not yet been released, provides an end-to-end encryption platform for e-mail and it is looking promising.

    Messaging and voice calls
    When it comes to the encryption of instant messages on the Internet, there are a lot more options available compared to e-mail.

    Telegram is one of the more popular applications for cross-platform messaging and is available on Android and iOS, although unofficial third-party versions of the app are also available for Windows Phone. Telegram sends encrypted and self-destructing text messages, video, photos and any other file type.

    Seecrypt is another encrypted messaging application, developed in Pretoria by the privately owned and funded software development company of the same name. The Seecrypt platform not only provides secure messaging, but also supports secure voice calls between Seecrypt-enabled devices.

    The application is available on many platforms, include iOS, Android, Blackberry 10 and Windows Phone. Seecrypt uses double-layer AES-256 and RC4-384 end-to-end encryption and produces new session keys for each voice call or message.

    Silent Circle is a multi-function, multi-device secure communications platform. It handles encrypted texts, phone calls, video calls and file transfers from any mobile or desktop platform. Silent Circle was created in 2011 when one of the founders of PGP and cryptography legend Phil Zimmermann as well as the creater of Apple’s Whole Disk Encryption, Jon Callas, were approached by former US Navy Seal Mike Janke to create a private encrypted communications network.

    The company has also developed a secure mobile phone with encryption technology built in. The device is called the Blackphone and runs a modified version of Android called PrivatOS, which was built around encryption and security to ensure that no information leaves the device unsecured. The Blackphone sells for US$629 and includes a number of Silent Circle subscription services to allow secure calling and messaging.

    On the Web
    The DuckDuckGo search engine promises to keep its users’ searches private and prevent search results that profile and target them based on what they look for. This is a practice that is common with search engines such as Google, which use “profiling” to target users with customised search results and targeted ads.

    White Hat Aviator is a private and secure web browser that uses DuckDuckGo as its primary search engine. It also disables ads and media files from playing automatically, which can be a source of malware attacks. Aviator blocks tracking software used by many search engines and also blocks “HTTP referrers”, preventing servers from tracking the websites you come from when browsing.

    Tor-640

    One of the more advanced tools employed by people who want anonymity online is called The Onion Router, or Tor for short. This software was originally developed with the US Navy in mind and its primary function was to protect government communication. Tor provides a network of virtual tunnels that protect users’ privacy and blocks their location from snoops.

    White says Tor hides users’ Internet protocol address, but a problem with it is that it is very slow and many online services block access if they detect that traffic is coming from Tor nodes.

    Although applications such as these assist with users’ privacy and anonymity, changes need to be made at an architecture level, says White “We need engineers responsible for the Internet to build better protocols for users to ensure privacy and anonymity.”  — © 2014 NewsCentral Media

    Blackphone Dominic White DuckDuckGo Edward Snowden GCHQ Google Jon Callas Mike Janke NSA Phil Zimmermann PrivatOS Seecrypt SensePost Silent Circle Telegram app Tor Vodafone White Hat Aviator
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleBCX in Nigeria acquisition
    Next Article SA tablet for rural areas, education

    Related Posts

    Big Tech’s latest dive snuffs out hopes the worst is over

    25 May 2022

    Bernie Fanaroff – the scientist who put African astronomy on the map

    23 May 2022

    Chip giant ASML places big bets on a tiny future

    20 May 2022
    Add A Comment

    Comments are closed.

    Promoted

    Fortinet’s FortiNDR accelerates threat detection with advanced AI

    25 May 2022

    Collaborative problem solving sets our partners on a growth path

    25 May 2022

    You are the weakest link: how to stop the costliest Internet scam

    25 May 2022
    Opinion

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    From spectrum to roads, why fixing SA’s problems is an uphill battle

    19 April 2022

    How AI is being deployed in the fight against cybercriminals

    8 April 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.