Random quote

"Those who go mad are merely thoughtful souls who failed to reach any conclusions." - Bloodborne

Monday, August 19, 2013

Protest the NSA email surveilance with encrypted files, a guide.

So browsing around the Internet, I found a comment by someone discussing email privacy. They suggested an act of protest regarding the NSA and their email (among other things) spying. I thought the idea was so good, I'd share it with you and even show you how to do it.

The NSA current keeps track of many things, way too many for me to list and we probably don't know everything that they do yet. One thing we do know is that they track email "metadata" and if an email contains anything encrypted, they keep it on a permanent or semi-permanent basis in order to decrypt it later. No warrant, no reasonable suspicion, nothing. They consider encryption to be suspicious in of itself. Even with the resources of the US government, no agency could track all traffic on the Internet or store everything, there's just far too much.

That brings me to the idea itself. What if we used something like TrueCrypt to create a small, encrypted file and attached it to all outgoing emails we send? These would likely be snatched up by the NSA for decryption at a later date, if and when it becomes possible to do without decades of computing time. If even a TINY percentage of Internet users did this, they would be up to their ears in encrypted files that contained... nothing.

I think this is a brilliant idea and I'll be doing this myself. I suggest you do, too. So here's a guide on how to set this up if you're interested.

Note: This is for Windows only, using TrueCrypt. The same idea would work with any OS or any program that allowed you to encrypt a file or container of files.

Step 1: Download and install TrueCrypt.

Head on over to truecrypt.org and download the program. Click "Downloads" at the top of the page and then select the version appropriate for your OS. Download it and run the file. Follow the instructions and finish.

Step 2: Create an encrypted container.

Now that you have TrueCrypt installed, open it up.

Click "Volumes" then "Create New Volume..."

The first option, "Create an encrypted file container" should be selected automatically, if not, select it and click "Next".

If "Standard TrueCrypt volume" isn't selected by default, select it and hit "Next".

Click "Select File..." then go to whatever folder you want to create the encrypted contained in and enter a name for the container. You can name it anything, with any extension or none. Waffles.jpg, stuff.doc, anything.mov or just plain BISCUITS. It really doesn't matter. After you've picked a folder and entered the name of the container, click "Save" then click "Next"

For the Encryption Algorithm, any will work but I recommend either AES-Twofish-Serpent or Serpent-Twofish-AES, just for the added complexity. As for the Hash Algorithm, any should be fine. Once you've made your selections on this page, click "Next"

Now we pick the size of the container. You'll want it to be small, so that sending emails doesn't take a long time. It should be big enough to contain whatever you want to put in it. Make a copy of the US constitution, a note from you to the NSA or something like that. You probably don't want it more than 1 or 2 MB. We'll set it to 1 MB. Click "Next"

Now we set a password. This should be a good one. TrueCrypt supports up to 64 characters for passwords, so let's do that. You can simply roll your face on the keyboard or type random characters, whatever works for you. Whatever it is, make sure it's 64 characters long and is a combination of letters, numbers, spaces and special characters. When you've got a nice looking one in the top box, copy it and then paste it into the second box.

We're also going to use a keyfile. You can even use multiple keyfiles if you want. TrueCrypt will take data from the keyfile(s) to strengthen the encryption, so why not? Check the "use keyfiles" box then click the "Keyfiles..." button. Click "Add Files..." and select one file, or multiple files. After that's done, click "OK"

The next window will take random data from your mouse movements in the window to help make the encryption more secure. Move your mouse randomly within the window for a few seconds, then click "Format"
And... that's it. You did it. Click "Exit"

Step 3: Attach this file to your outgoing emails.

Now, whenever you send an email, attach this file. You might want to avoid sending it to companies or businesses as they might be suspicious of random files being sent to them, and rightly so. But if you send an email to a friend or family member, attach the file. You might even want to change the name of the file every now and then.

Let the NSA get hundreds or thousands of useless, encrypted files that they will save for who knows how long. And if they actually do manage to get a system powerful enough to start decrypting them? Congratulations, you just wasted their time and resources! If they want to invade our privacy and destroy our 4th amendment rights, let's make them work for it.

And this isn't limited to Americans, if you're from another country you can do this when emailing anyone in the USA, the NSA will pay just as much attention to that, maybe more.

Thoughts?

No comments:

Post a Comment

Comments must be approved before displaying on the site. Any comments containing spam or trolling will not be authorized. Don't waste your time.