Schneier on Being Safe

Bruce Schneier, one our best independent security experts, has some useful advice on staying safe from NSA surveillance. He is working with the Guardian and has access to the Snowden documents so he can bring some reasoned analysis to the situation. The short story is that the math behind modern encryption is still sound and that the NSA’s reported “breakthroughs” almost certainly involve attacks on implementations, stealing or coercing the private keys of service providers, and the weakening of crypto standards.

He offers 5 things you can do to keep yourself safe. You can read his advice at the link but the TL;DR is encrypt your data and communications with open source software. The open source part is crucial given that the NSA has reportedly influenced major vendors to build in backdoors or weaknesses. Open source doesn’t provide absolute protection against this, of course, but it does make it much harder to sneak weaknesses into the system.

Schneier’s article is a good recapitulation of where we, as users and NSA targets, stand today and what steps we can take to keep our private matters private. It’s a good read. Recommended.

Posted in General | Tagged | Leave a comment

It Just Gets Better and Better

Glenn Greenwald’s latest article is out at the The Guardian. Despite repeated assurances that Americans’ data are respected and protected it turns out that the NSA is sharing raw intelligence including Americans’ data with Israel. As it happens, I don’t have a problem with Israel and am happy to have them as one of America’s friends. I also don’t have a problem with my pal Bob but that doesn’t mean I want to share all my private data with him. This is yet another example of how out of control the NSA is.

This may seem to be an American-centric problem but, of course, it’s not. The point to take away here is that the NSA has no respect for innocent Americans’ rights and even less for that of those from other countries. As the story at the link makes clear, the NSA’s brethren in those foreigners’ countries are only too happy to cooperate with the NSA and sell out their own citizens.

We must, all of us, insist that our governments knock it off and start respecting our right to privacy. Just whining won’t make it happen, of course, but a recent event here in the US shows us what’s possible. Whatever your feelings about gun control, a successful recall election in Colorado shows what can happen when voters feel the government is ignoring their wishes. We really need to hold our politicians’ feet to the fire and insist they put a stop to spying on their own citizens. Really, why do we even need to say this?

Posted in General | Tagged | Leave a comment

Dvorak on the NSA

John Dvorak is at his hyperbolic best in this piece on the NSA. In it, he throws out red meat for those of us enraged by what the NSA is doing. His take is that the NSA sees Americans as the enemy and that those in congress—the members of the Senate Select Committee on Intelligence and the House Intelligence Committee—are responsible for this and should be thrown out of office.

I often disagree with Dvorak and frequently find him annoying but it’s hard to disagree with what he says here.

Posted in General | Tagged | Leave a comment

Build Your Own Dropbox

As I’ve written many many many times before, if you’re using Dropbox to store sensitive data you absolutely must encrypt it before committing it to Dropbox. I use Dropbox solely to sync my 1Password keychain between devices so the file I’m storing is already encrypted. Many others use Dropbox to keep several sensitive files synchronized between machines so the necessity to encrypt them can be burdensome. I wrote about one way of solving this problem here but Remy Van Elst has a more comprehensive solution.

His idea is to build your own Dropbox clone so that you have complete control over the environment and what happens. Like the solution I linked above, he uses EncFS to encrypt files on the source machine and then syncs them to a server using Git and dvcs-autosync. Van Elst provides comprehensive recipes for doing this with Linux and OS X. Getting it to work on Windows would probably involve some work although I do know that EncFS has been ported to Windows.

It’s a very nice solution and may be perfect for those with special requirements or a distrust of Dropbox/SpiderOak. The main drawbacks that I see are

  1. A central server is needed to mediate the syncing. You can probably get one for about the same price as a paid Dropbox account and storage limits won’t be an issue for anyone with sane requirements.
  2. It can’t sync iOS devices. I’m not sure about Android. If you require files on your mobile devices, this solution may not work for you.

Even if you don’t need your own Dropbox, it’s worth taking a look at the post to see how Van Elst puts everything together (or at least it is if you’re sufficiently geeky).

Posted in General | Tagged | 1 Comment

The War Between NSA and the Tech Industry Begins

Patrick Gray over at Wired wrote an interesting article in which he posits that Tech Companies and Government May Soon Go to War Over Surveillance. His notion is that while tech companies may have been willing to accommodate the NSA or allow themselves to be pushed around before the Snowden revelations they now realize that the subsequent destruction of their users’ trust represents an existential threat. One way of regaining that trust is to put in place robust systems that make NSA surveillance difficult or impossible. By doing this now they put the government in a bind. As Gray remarks, it’s one thing to pass laws prohibiting such changes and quite another to mandate that they be removed from users’ devices It’s pretty clear that the public wouldn’t tolerate the latter.

Now, it would appear that the first shot in that war has been fired. The Washington Post is reporting that Google has accelerated its program to encrypt data as it moves between Google data centers. Before this change, data in flight between the data centers represented rare points of vulnerability. Whatever their previous transgressions, if any, it’s clear that Google is moving at speed to make their users’ data tamper-proof.

When I first read Gray’s article I was a bit skeptical that the war would come to pass. Google’s action gives me hope that maybe it will.

update: represent → represents

Posted in General | Tagged | Leave a comment

Learning Emacs Keyboard Shortcuts

Sacha Chua has been doing a lot of sketch notes lately. One of her most recent contributions are two guides for learning Emacs keyboard shortcuts. These are, of course, aimed at n00bs but they are well done and worth passing on to anyone you know who is struggling to get started with Emacs.

Chua has lots of good advice for learning about Emacs. I particularly like her observation that it’s a lifetime project. It tells the beginner that it’s all right not to understand everything right away. Those of us who have been plugging away at learning Emacs for years can sympathize. On the other hand, it’s actually nice that there’s always something new to learn.

Update: nner → beginner

Posted in General | Tagged | Leave a comment

Using Org Mode for Custom Workflows

jr0cket, aka John Stevenson, is working on a series of posts that discuss how to design a custom workflow with Org Mode. So far, he has a set of three posts but be sure to check his home page for more.

You may or may not find that Stevenson’s workflow makes sense for you but the nice thing about the posts is that they show you how to set up Org Mode in a way that does work for you.

As regular readers know, I am a big fan of Org Mode and use it for a variety of tasks such as

  • Managing my Todo list
  • Writing this blog and other writing chores
  • Maintaining records (such as tax deductable expenses) as a sort of spreadsheet.

These are long standing uses that I’ve written about before. The nice thing is that I’m always finding new uses. If you haven’t yet explored Org Mode, these posts are a nice starting point for one use case. There are many more.

Posted in General | Tagged , | Leave a comment

Schneier on Trusting the NSA

Bruce Schneier has a powerful article in The Atlantic on The Only Way to Restore Trust in the NSA. His prescription is to appoint an independent special council to clean up the mess. My first reaction when reading that was to snort, “Yeah, that’s gonna happen.” I still think that’s correct but Schneier makes a strong case for why it’s needed and why it would, in the end, help the NSA too.

The problem, Schneier says, is that no one any longer believes anything the NSA says and no one believes anything the President says about it either. The NSA has lied and been discovered lying repeatedly resulting in a complete breakdown in trust in the agency, the Intelligence community, and, if the commenters’ opinions are representative, government itself.

A special council with the power and a technically qualified staff to do a thorough investigation could report to the country the truth concerning what the NSA is doing and then we could have rational discussion about what we want to allow and shut down those programs that are clearly illegal. As I said, I doubt that will happen and that’s too bad.

Be sure to read Schneier’s article. It’s one of his best concerning the NSA scandals.

Posted in General | Tagged | Leave a comment

The Nikodemus Common Lisp FAQ

I’m sure I’ve mentioned Nikodemus’ Common Lisp FAQ before but it’s been a while so it’s worth reminding everyone. The FAQ is meant for Lisp n00bs as a way of getting over some of the initial hurdles a beginner faces. It’s a good read for any Lisper, though, and I like to reread it every once in a while myself.

Posted in Programming | Tagged , | Leave a comment

Interactive SICP

Longtime Irreal readers know that I consider Structure and Interpretation of Computer Programs (SICP) arguably the best computer science book ever written. Therefore, I was delighted when I discovered an online version of SICP with an embedded Scheme interpreter so that you can edit and run the code in the book. Just about any of the book’s Scheme expressions can be edited and run.

I couldn’t find any explanation on the site that explains how to invoke the interpreter but the README at the Git repository has the secret: with the cursor at the end of the expression press【Ctrl+Enter】.

I’ve only played with it a little but it seems really useful, especially for someone working their way through SICP for the first time.

Posted in Programming | Tagged , | Leave a comment