Privacy

Why Privacy is more than Crypto

19 minute read Published:

During the last year hell seems to have frozen over: our corporate overlords neighbours at Apple, Google and Facebook have all pushed for crypto in one way or another. For Facebook (WhatsApp) and Google (Allo) the messenger crypto has even been implemented by none less than the famous, endorsed-by-Edward-Snowden anarchist and hacker Moxie Marlinspike! So all is well on the privacy front! … but is it really? EDIT: A French version of this post is available here.

Secure Texting Part II

3 minute read Published:

Last summer I blogged about secure messaging and why FSFE cares about it (and why you should, too!). Since then a few things have changed, and I want to give you an update on the situation.The conclusion of my last article was: TextSecure and Kontalk are both good apps in our eyes, however, TextSecure has a much larger adoption and its protocol has gone through more reviews. The protool is integrated into CyanogenMod, recommended by leading security experts and the project just recently gained lots of media attention and $400.

Secure Texting and why FSFE cares

3 minute read Published:

Heard of WhatsApp? If you haven’t used it before (I e.g. haven’t), you can think of it as a free-of-charge messaging app that knows which of your contacts also have the app and automatically routes messages to them over your dataplan instead of SMS, so it’s (usually) free of charge. In the face of NSA and WhatsApp’s recent acquisition by Facebook, many of the million WhatsApp users are looking for secure and trustworthy alternatives.

Hacking encryption into Android

2 minute read Published:

Next weekend we are going to have a small hackathon in Berlin to port/fix/implement disk encryption on various Android devices. Android has full disk encryption since 4.0, but it only works when using regular filesystems, e.g. ext. If you have a device that doesn’t offer proper block devices, because the hardware doesn’t do wear-leveling et cetera, you will probably have YAFFS2 as a file system or something similar that does this on software side.

Improving E-Mail Privacy

3 minute read Published:

I have recently decided to use PGP / GnuPG to sign and encrypt emails, and I also recently switched from KMail (after using it for ~10 years) to Thunderbird [the why of the latter is a longer story I might tell some other time]. So, after not caring about email privacy for pretty long, I now got it all setup, although the setup on my laptop produces faulty inline PGP once in a while, where it doesn’t even recognize signed content itself…