How can you communicate securely on the web, with absolute confidence that your correspondence will only be seen by the parties involved? What tools can you use?
In some instances where people are communicating through servers, the idea of using proxies and Tor have arisen for safe discussions or data sharing.
Tor was initially designed by the U.S. Naval Research Library to help reduce the risks of traffic analysis. This is done by distributing your transactions over several places on the Internet through proxies, therefore making it more difficult to pinpoint one singular destination.
“Traffic analysis” essentially informs servers of what is being done and who is doing it.
The problem with using proxies and Tor, especially when utilizing free proxies, is a matter of trust in where your information will be bounced.
The Tor Project pointed out that end-to-end attacks are still possible for those looking for information and the right channels, but the most important aspect is staying smart when using technology. This includes not revealing personal information.
Installing Tor is relatively simple, though it does slow down connectivity to a server in return for safer communications.
From the technical perspective of telephone communication, IT security expert Scott Janiki noted that back-end routing of calls on various networks utilizes the cheapest path for many companies.
“Even with proper controls in place to keep calls private, the resources available by [big players] probably would not help for long,” Janiki explained. “Unfortunately, as in this case, the public, when utilizing such services, was not informed from the onset by the vendor of this routing possibility.”
“Within Verizon’s privacy policy, it wasn’t mentioned that a foreign government is monitoring all communications that enter the U.S. Even if users were informed, most people would probably not understand the potential ramifications,” said Janiki.
For Canadians following this story closely, Canada’s communication voice and data infrastructure, on the other hand, only has a couple of major routing hubs, with the vast majority still located in the U.S.
“Therefore the likelihood of a data/voice communication staying in Canada is extremely low,” he said. “As a result of the spider web of networks which makes the communication connectivity so resilient, it has also eroded Canada’s sovereignty and with it certain Canadian rights and laws.”
Scott Hutchinson, a public relations manager for the Privacy Commissioner of Canada, noted the issue of national surveillance programs aided through information technology is a concern for authorities around the world.“While we don’t think privacy should uniformly trump security or vice versa, greater transparency regarding how the programs work is of order,” said Hutchinson. “Our office also plans to contact fellow international Data Protection Authorities who may share similar concerns about the personal information of their citizens to discuss combining fact finding efforts on this matter as appropriate.”
Communication Security Establishment Canada (CSE), similar to the National Security Agency (NSA), has its own metadata program with little known in regards to specific information. However, as reported initially, the PRISM program has already recorded conversations of millions of Verizon’s customers.
Though slow and not without its own concerns, said Janiki, regular postage through the mail may be the only secure way to ensure that communications remain private.
Originally posted in TechPageOne, aNewDomain.
Snap. Flash. Smile. 