You Are Under Surveillance

 

Have you looked around lately and felt like something's fundamentally wrong? Are you tired of having to ask permission to live your life? Are you angered by the level of control and surveillance you see everywhere? Are you sick of everyone wanting your data? Are you tired of corrupt police that are never held accountable for their illegal actions?

To be secure in our daily lives, we must be secure in our 'cyber lives'. Criminals try to hack into our accounts, or scam us out of our hard-earned cash with some type of phishing scam. Big business attempts to collect our data to market the next 'amazing product' that we just can't live without, while Big Brother and the surveillance state attempts to peer into even the most private aspects of our personal lives.

Corrupt police departments can comb through everything you have said on-line or in an electronic communication (e-mail / text message) to find something to charge you with. Even the most truthful and innocent statement can be used to bring criminal charges against you. U.S. Supreme Court Justice Stephen Breyer, writing in Rubin v. United States 524 U.S. 1301 (1998) stated: “The complexity of modern federal criminal law, codified in several thousand sections of the United States Code and the virtually infinite variety of factual circumstances that might trigger an investigation into a possible violation of the law, make it difficult for anyone to know, in advance, just when a particular set of statements might later appear (to a prosecutor) to be relevant to some such investigation.” You don't have to have done anything wrong, they just have to make it look like you did.

There are a great number of security tools that can help you protect yourself in the ever-growing cyber-world. Here are some of those tools for your consideration:

HTTPS Everywhere (https://www.eff.org/https-everywhere) HTTPS Everywhere is a free and open-source browser extension for Google Chrome, Mozilla Firefox, Opera, Brave, Vivaldi and Firefox for Android, which is developed collaboratively by The Tor Project and the Electronic Frontier Foundation (EFF). It automatically makes websites use a more secure HTTPS connection instead of HTTP, if they support it. The option "Block all HTTP requests" makes it possible to block and unblock all non-HTTPS browser connections with one click.

Privacy Badger (https://privacybadger.org/) Privacy Badger is a free and open-source browser extension for Google Chrome, Mozilla Firefox, Opera, and Firefox for Android created by the Electronic Frontier Foundation (EFF). Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the Internet. An additional option is Adblock (https://getadblock.com/).

NoScript (https://noscript.net/) is a free software extension for Mozilla Firefox, SeaMonkey, other Mozilla-based web browsers, and Google Chrome, created and actively maintained by Giorgio Maone, an Italian software developer and member of the Mozilla Security Group. By default, NoScript blocks active (executable) web content, which a user can wholly or partially unblock by whitelisting a site or domain from the extension's toolbar menu.

VeraCrypt (https://www.veracrypt.fr/en/Home.html) VeraCrypt is a source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or (in Windows) the entire storage device with pre-boot authentication. VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).

KeePass Password Safe (https://keepass.info/) KeePass Password Safe is a free and open-source password manager primarily for Windows. It officially supports macOS and Linux operating systems through the use of Mono. KeePass stores usernames, passwords, and other fields, including free-form notes and file attachments, in an encrypted file. This file can be protected by any combination of a master password, a key file, and the current Windows account details. By default, the KeePass database is stored on a local file system (as opposed to cloud storage). Another option is Password Safe (https://pwsafe.org/).

BleachBit (https://www.bleachbit.org/) When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there. Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Adobe Flash, Google Chrome, Opera, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

Freeraser (https://freeraser.en.uptodown.com/windows/download) Freeraser is incredibly easy to use. Much like Securely File Shredder from above, it places a Recycle Bin-like icon on your desktop that you can use for a file shredder. Just drag a file or group of files to the bin and they'll be forever erased from your computer. Data Sanitization Methods: DoD 5220.22-M, Gutmann, Random Data. When running the Freeraser setup file, you can choose to install it like a standard program or run it like a portable one, which means the files will install to a folder that you can use on a removable drive. You can use Freeraser in Windows 10 through Windows XP.

Securely File Shredder (https://download.cnet.com/Securely-File-Shredder/3000-2144_4-75987012.html) Securely File Shredder is another file shredder program that installs really fast and works by drag and drop. You can add one or more files and folders to Securely File Shredder to completely obliterate them using any of the shredding methods listed here. Data Sanitization Methods: DoD 5220.22-M, Gutmann, Schneier. In addition to the above, you can use Securely File Shredder to easily shred the contents of the Recycle Bin by clicking the appropriate button in the program. Securely File Shredder works with Windows 10, 8, 7, Vista, and XP.

SafePad (https://www.andryou.com/safepad/) SafePad is a simple free text editor that lets you encrypt your documents using the industry standard FIPS Compliant AES encryption algorithm (Advanced Encryption Standard). To protect your document you can provide 2 passwords (the 2nd password is optional). Passwords have always been a problem when it comes to security as users tend to pick a password that is easy for them to remember. This also means that the password is most likely easy to crack. By using 2 passwords and performing multiple iterations of encryption, it makes it much harder to crack the passwords. If someone manages to crack password 1, all they will get back is encrypted text, so it would be very hard to them to know they have cracked that password.

Standard Notes (https://standardnotes.org/) Standard Notes is a safe place for your notes, thoughts, and life's work. A free, open-source, and completely encrypted notes app.

Virtual Private Network (https://www.comparisonvpn.com/) a VPN is used to encrypt your outgoing and ongoing traffic. This tool will help you compare between different VPN services.
Enable Two-factor Authentication (https://ssd.eff.org/en/module/how-enable-two-factor-authentication) Two-factor authentication (or “2FA”) is a way to let a user identify themselves to a service provider by requiring a combination of two different authentication methods. These may be something that the user knows (like a password or PIN), something that the user possesses (like a hardware token or mobile phone), or something that is attached to or inseparable from the user (like their fingerprints). A list of sites supporting 2FA can be found here (https://twofactorauth.org/).

Signal Private Messenger (https://signal.org/en/) Signal is a cross-platform encrypted messaging service developed by the Signal Foundation and Signal Messenger LLC. It uses the Internet to send one-to-one and group messages, which can include files, voice notes, images and videos. Its mobile apps can also make one-to-one voice and video calls, and the Android version can optionally function as an SMS app. Signal uses standard cellular telephone numbers as identifiers and uses end-to-end encryption to secure all communications to other Signal users. The apps include mechanisms by which users can independently verify the identity of their contacts and the integrity of the data channel.

WhatsApp (https://www.whatsapp.com/) WhatsApp, is a freeware, cross-platform messaging and Voice over IP (VoIP) service owned by Facebook. WhatsApp's end-to-end encryption is available when you and the people you message use our app. Many messaging apps only encrypt messages between you and them, but WhatsApp's end-to-end encryption ensures only you and the person you're communicating with can read what is sent, and nobody in between, not even WhatsApp. This is because your messages are secured with a lock, and only the recipient and you have the special key needed to unlock and read them. For added protection, every message you send has its own unique lock and key. All of this happens automatically: no need to turn on settings or set up special secret chats to secure your messages.

Wire (https://wire.com/en/) the former Skype vice president left the company when Microsoft bought it and decided to develop another service to replace Skype. This is how Wire appeared. It is a messenger with end-to-end encryption for making calls, exchanging images, videos, documents, GIFs, and so on. The registration is anonymous, you just need to provide your username. The messenger is available on three platforms and is equipped with a message synchronization system. Wire is great for private and secure group conversations with up to 128 people.

Telegram Mesenger (https://telegram.org/) Telegram is a cloud-based instant messaging and voice over IP service. Telegram client apps are available for Android, iOS, Windows Phone, Windows, macOS and Linux. Users can send messages and exchange photos, videos, stickers, audio and files of any type. The default messages and media use client-server encryption during transit. This data is also encrypted at rest, but can be accessed by Telegram developers, who hold the encryption keys. In addition Telegram provides end-to-end encrypted calls and optional "secret" chats between two online users on smartphone clients. However, the desktop clients (excluding macOS client) do not feature end-to-end encryption.

Gab Chat (https://chat.gab.com/) Gab Caht is an encrypted chat messaging service with public & private chat rooms. All messages in private rooms are encrypted on the user's device and cannot be read by Gab. Messages are deleted after 30 days.

Wickr Me (https://wickr.com/) Wickr instant messaging app allows users to exchange end-to-end encrypted and content-expiring messages, including photos, videos, and file attachments. The software is available for the iOS, Android, Mac, Windows, and Linux operating systems.

The Dark Net

TOR: The Onion Router (https://www.torproject.org/) Tor is free and open-source software for enabling anonymous communication. Defend yourself against tracking and surveillance. Circumvent censorship. Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.

OnionShare (https://onionshare.org/) OnionShare is an open source tool that lets you securely and anonymously share a file of any size. Securely and anonymously share files of any size. A web server is started, making OnionShare accessible as a Tor Onion Service, potentially temporarily or in a stealthy manner, over the Internet. An un-guessable address is generated and is shared for the recipient to open in the Tor Browser to download the files. No separate server or third party file-sharing service required. You host the files on your own computer.

Tails (https://tails.boum.org/) Tails is a Debian-based distribution for Linux that ships with Tor anonymizer, encryption and security software. The Tails system can be downloaded to any computer from a regular flash drive or SD card, which makes it convenient to use for safe Internet surfing. All Internet connections are made via TOR, and messages are encrypted with modern cryptographic means. Tails does not save any traces of your Internet activity. Tails also has support for the anonymous I2P network, which provides anonymous use of applications. The network is based on IP-style messaging, but there is also a library for creating reliable TCP-style streaming connections. Tails supports the mode of saving user data between downloads; a separate encrypted partition is created to store data on a USB drive, TrueCrypt is used for encryption. Tails also provides protection against the analysis of amnesic in the computer's memory, in the process of shutting down and removing the media, all RAM is automatically cleared.

Ricochet IM (https://ricochet.im/) Ricochet or Ricochet IM is a free software, multi-platform, instant messaging software project originally developed by John Brooks[4] and later adopted as the official instant messaging client project of the Invisible.im group. A goal of the Invisible.im group is to help people maintain privacy by developing a "metadata free" instant messaging client. Ricochet uses the Tor network to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address. Instead of a username, you get a unique address that looks like ricochet:rs7ce36jsj24ogfw. Other Ricochet users can use this address to send a contact request - asking to be added to your contacts list. You can see when your contacts are online, and send them messages (and soon, files!). Your list of contacts is only known to your computer - never exposed to servers or network traffic monitoring. Everything is encrypted end-to-end, so only the intended recipient can decrypt it, and anonymized, so nobody knows where it’s going and where it came from.

Encrypted E-Mail

ProtonMail (https://protonmail.com/) ProtonMail is an end-to-end encrypted email service founded in 2013 in Geneva, Switzerland by scientists who met at the CERN research facility. ProtonMail uses client-side encryption to protect email content and user data before they are sent to ProtonMail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, or dedicated iOS and Android apps.

Tutanota (https://tutanota.com/) Tutanota is an end-to-end encrypted email software and freemium hosted secure email service. Tutanota offers end-to-end encryption for emails sent from one Tutanota user to another. Tutanota uses a standardized, hybrid method consisting of a symmetrical and an asymmetrical algorithm - AES with a length of 128 bit and RSA with 2048 bit. To external recipients who do not use Tutanota a notification is sent with a link to a temporary Tutanota account. After entering a previously exchanged password, the recipient can read the message and reply end-to-end encrypted.

Posteo (https://posteo.de/en) Posteo is an independent email provider based in Berlin. Posteo is for all who have had enough of companies that collect data, inboxes polluted with advertising and all-pervasive surveillance on the internet.

MailFence (https://mailfence.com/) Mailfence is an encrypted email service that offers OpenPGP based end-to-end encryption and digital signatures. It was launched in November 2013 by ContactOffice Group, which has been operating an online collaboration suite for universities and other organizations since 1999. The service uses an open-source implementation of OpenPGP (RFC 4880). Private keys are generated in the client-browser, encrypted (via AES256) with the user's passphrase, and then stored on the server. The server never sees the user's passphrase. The service also supports end-to-end encryption using passwords with the possibility of message expiration.

AxCrypt (https://www.axcrypt.net/) AxCrypt is open-source encryption software offering both a free version and a premium (at-cost) version for Microsoft Windows, macOS, Android, and iOS. It was originally developed in Sweden by Svante Seleborg and is produced and maintained by him and the staff of AxCrypt AB. It can compress, delete, encrypt/decrypt, and edit files (though, thus far, the Android, iOS, and free macOS versions are read-only viewer programs). It is a file-based encryption program, as differs from a container-based encryption program, i.e., each single to-be-protected file is encrypted individually by the program, rather than the program putting all to-be-protected files into a single encrypted container like VeraCrypt does. Axcrypt comes in installer versions for all mentioned operating systems and also a standalone (portable) version for Windows.

Mailvelope (https://www.mailvelope.com/en) Mailvelope is a free browser add-on which uses the OpenPGP standard and is designed for webmail. No additional programs are required to download or install. With Mailvelope, you can Create encryption key pairs, export your public key (then you can share it with others), import other people's public keys. You can create, encrypt and sign emails, decrypt and verify letters, encrypt and decrypt attachments. Your interlocutors do not need to install Mailvelope. Any OpenPGP-compliant program is enough. Mailvelope lacks many of the features Thunderbird, Enigmail, and GnuPG have, but today this is probably the easiest way for a webmail user to start using Open PGP Encryption.

GnuPG (https://www.gnupg.org/) GnuPG is a complete and free implementation of the OpenPGP standard. GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories. Gpg4win is a Windows version of GnuPG featuring a context menu tool, a crypto manager, and an Outlook plugin to send and receive standard PGP/MIME mails.

Steganography

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. OpenPuff (https://embeddedsw.net/OpenPuff_Steganography_Home.html) OpenPuff is a professional steganography tool with unique features, suitable for highly sensitive data covert transmission.

Self-Destructing Messages

Self-Destructing message apps allow the user to upload a message to a server. A link to display the message is provided to the user to share with the intended recipient of the posted message.  The link to the message expires and the message is deleted from the server when set conditions are met (i.e. after the link is opened or after a given amount of time). Self-Destructing message apps include:
    Privnote https://privnote.com/
    One Time https://1ty.me/
    SafeNote https://safenote.co/

File Transfer Services

Sometimes you may want to transfer a file that is too large to be sent through e-mail. In this case a file transfer service is a useful tool. File transfer services include:

Send Transfer - https://www.sendtransfer.com/
Transfer Now (France) - https://www.transfernow.net/en/
TransferXL - https://transferxl.com/
We Transfer - https://wetransfer.com/

Search Engines That Do NOT Track You

DuckDuckGo (https://duckduckgo.com/) A search engine that doesn't track you.

Swisscows (https://swisscows.com/) A Switzerland-base private search engine with zero tracking.
 
Metager (https://metager.org/) A private search engine based in Germany.  

Start Page (https://www.startpage.com/)  StartPage uses results from Google, which is a good thing if you prefer Google’s result without tracking.

Search Encrypt (https://www.searchencrypt.com/home)  Search Encrypt uses local encryption to secure your searches. It combines AES-256 encryption with Secure Sockets Layer encryption. Search Encrypt then retrieves your search results from its network of search partners. After you’re done searching, your search terms expire so they are private even if someone else has access to your computer.

Encrypt Your Data in the Cloud

Cryptomator (https://cryptomator.org/) Cryptomator makes your cloud storage trustworthy. The app encrypts files on your mobile device before they are uploaded to your cloud. Even if a third party gained unauthorized access to your files (e.g., hacker attack), your files are secure from prying eyes.

Boxcryptor (https://www.boxcryptor.com/en/) Boxcryptor protects your data in the cloud with end-to-end encryption. It works with Dropbox, GoogleDrive and many more providers, on all platforms.

Keybase (https://keybase.io/) Keybase is a secure file sharing and messaging app.

Install a Firewall

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet. Recommended free firewalls include:

Comodo Firewall (https://www.comodo.com/home/internet-security/firewall.php)

Zone Alarm Firewall (https://www.zonealarm.com/software/free-firewall)