Authorised by Brendan Molloy, Pirate Party Australia, 65 Burg Street, East Maitland, NSW 2323

Fun and easy ways to communicate securely* online!

http://slides.brendan.so/2014/online-comms

Created by Brendan Molloy / @piecritic
Creative Commons License
* We're all doomed! Quickly, onto the escape pods!

What we're going to cover:

  • Encrypted phone calls
  • Encrypted text messaging
  • Encrypted instant messaging
  • Safer web browsing
  • A look at future applications
  • Useful resources and further reading

General considerations

  • Encryption-by-default where possible lowers the risk of your privacy in general from being invaded.
  • There is no such thing as perfect security.
  • Understand your threat model.

Encrypted phone calls!

Android: RedPhone

Android: RedPhone app

Apple iOS: Signal

iOS: Signal app

Encrypted text messaging!

Android: TextSecure

Android: TextSecure app

iOS: nothing trustworthy yet :(

Open Whisper Systems are working on porting TextSecure to iOS as part of Signal, so keep your eyes peeled.

Encrypted instant messaging!

Windows/Linux: Pidgin + OTR Plugin

Windows/Linux: Pidgin app
Image source: http://blog.bigdinosaur.org/securing-openfire-clients/

OS X: Adium + OTR Plugin

OS X: Adium app
Image source: http://blog.bigdinosaur.org/securing-openfire-clients/

iOS/Android: ChatSecure

iOS/Android: ChatSecure app

Safer web browsing!

Simple suggestions

  • Use HTTPS where possible.
  • Use ad-blocking plugins for your browser (eg Adblock Plus).
  • Use tracker blocking plugins (eg Disconnect.me or Ghostery).
  • Use VPNs and Tor depending on your threat model and goal.

Plugin: HTTPS Everywhere

Tor: what does it do?

  • Tunnels your browsing through several other nodes.
  • Makes it harder for someone to monitor your activities.
  • Censorship-resistance due to how the protocol works.

Tor: how does it work?

Tor

Tor: what doesn't it do?

  • Does not guarantee anonymity.
  • Does not protect you from unencrypted communication tampering at end nodes.
  • Does not do operational security for you.

Emerging solutions

  • Skype replacements: Tox.im and Jitsi
  • Secure texting on iOS: Signal
  • WhatsApp adopting the protocol TextSecure uses!
  • iOS and Android encryption by default for the device
  • Still a long way to go to make PGP friendly
  • Things like keybase.io are a good start

Resources and further reading

EFF's Surveillance Self-Defense

https://ssd.eff.org

This resource covers off everything we've discussed and more, and links to relevant further reading in each case.

If you want to learn about PGP or VPNs, it is especially good.

Fin

Questions & comments

Created by Brendan Molloy / @piecritic
Creative Commons License