Reset the Net protest #RESETTHENET

The NSA document leaker SNOWDEN joins Google, Mozilla, Reddit, WordPress, Twitter and many others in a campaign and day of action that aims to help Internet users.

Part of the campaign https://www.resetthenet.org is a huge social media Thunderclap that will see partner websites and supporters tweet the same protest message at the same time. Also available is a ‘privacy pack’ that includes banners and other website ephemera.

I am using private and encrypted communication app by SECUMOBI
Encrypted Calls

Snowden called on others to join him for the 5 June day of action, and implement technologies to put an end to the mass government surveillance programmes.
“This is the beginning of a moment where we the people begin to protect our universal human rights with the laws of nature rather than the laws of nations,” he said.
“We have the technology, and adopting encryption is the first effective step that everyone can take to end mass surveillance. That’s why I am excited for Reset the Net – it will mark the moment when we turn political expression into practical action, and protect ourselves on a large scale. Join us on 5 June, and don’t ask for your privacy. Take it back.”
Snowden’s statement comes a day after Google announced that it was joining the Reset the Net campaign. Reset the Net already has many backers including Reddit and it will use the day to highlight privacy issues and security measures. The effort is supported by the Fight for the Future internet activist organisation.
https://www.resetthenet.org

Mass surveillance is illegitimate. I’m taking steps to take my freedoms back and I expect governments and corporations to follow in my footsteps and take steps to stop all mass government surveillance. After you sign, protect yourself here.

Encrypted Email End-To-End by Google

Making end-to-end encryption easier to use
Tuesday, June 3, 2014 12:56 PM
posted by Stephan Somogyi, Product Manager, Security and Privacy

http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encryption-easier-to.html

Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe. For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security beyond what we already provide.

“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.

While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.

However, you won’t find the End-to-End extension in the Chrome Web Store quite yet; we’re just sharing the code today so that the community can test and evaluate it, helping us make sure that it’s as secure as it needs to be before people start relying on it. (And we mean it: our Vulnerability Reward Program offers financial awards for finding security bugs in Google code, including End-to-End.)

Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider.

We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.

You can find more technical details describing how we’ve architected and implemented End-to-End here.
Making end-to-end encryption easier to use
Tuesday, June 3, 2014 12:56 PM
posted by Stephan Somogyi, Product Manager, Security and Privacy

http://googleonlinesecurity.blogspot.com/2014/06/making-end-to-end-encryption-easier-to.html

Secure Encrypted Communication (Voice, Messages, Emails) Market Value

Hardware Encryption Market to reach $166.67 Billion by 2018 at a 62.17% CAGR

Encryption of data is a process of converting it into a form, where it becomes unintelligible to any person without access to a key/password to decrypt the data. The two forms of encryption that exist currently are the hardware-based encryption and software based encryption.
The major difference between hardware encryption and software encryption is that in hardware encryption, the encryption and decryption processes are done by a dedicated processor on the hardware encrypted device. In software encryption, the resources of the device on which the software is installed, are used for the encrypting and decrypting the data. This makes hardware encryption much faster. Another advantage of hardware encryption is that the cryptographic key is stored in a separate inaccessible portion of memory storage, thus making it more secure than software encryption.
Currently the cost of adding hardware encryption capability to storage products is still slightly high ($ 20-30, on an average). Also, the flooding in Thailand and the earthquake in Japan in 2011 pushed the prices of all hard disk drives up in 2012. This was mainly because all the top players in the digital storage industry have manufacturing plants in the APAC region, especially in Thailand. Thus a demand-supply imbalance caused a drastic rise in the average selling price of hard disk drives in 2012. Such external factors have delayed the adoption and wide spread deployment of hardware encrypted products. The hardware encryption market is on the road to recovery and the product prices are starting to come down again and this is driving the market forward.
The global hardware encryption market revenue is expected to reach $14.86 billion by end of 2013. It is also expected to grow to $166.67 billion in 2018 at a CAGR of 62.17%. Similarly, volumes are estimated to grow from roughly 59.76 million units to 691.79 million units in 2018 at a CAGR of 63.20%. This growth is heralded by the consumer electronics applications market for hardware encryption products. The hardware encryption applications in the Military Defense and Aerospace (MDA) applications sector is also expected to grow rapidly in the coming five years.
The Total addressable market (TAM) revenue for hardware encrypted hard disk drives is estimated to grow from $48.57 billion in 2013 to $146.37 billion in 2018. Thus, the market penetration of hardware encrypted HDDs into this TAM stands at 20.07% in 2013 and is expected to grow to 69.05% by 2018. The rapid adoption of hardware encryption is expected in the near future. The TAM revenue for hardware encrypted USB drives is estimated to grow from $6.82 billion in 2013 to $19.14 billion in 2018. The market penetration of hardware encrypted USB drives into this TAM stands at 33.17% in 2013 and is expected to grow to 63.81% by 2018. The TAMs have been calculated by the addition of the TAMs for each of the respective application markets.
When geographical markets North America, Europe, Asia Pacific and the Rest of the World are considered, APAC has the major share in the market with expected revenue of roughly $5.15 billion in 2013. The CAGR of the market’s primary base – APAC, for the period 2013 to 2018 is calculated to be 58.40%. Europe and North America are the fastest growing regions, with expected CAGRs of 64.03% and 63.69% respectively from 2013 to 2018, due to the major growth spurts expected in the consumer electronics sector in the developing countries in this region.
The major players in this market are Seagate Technology PLC (U.S.), Toshiba Corporation (Japan), Western Digital Corporation (U.S.), Samsung Electronics Co. Ltd. (South Korea), Micron Technology, Inc. (U.S.), SanDisk Corporation (U.S.), Kingston Technology Corporation (U.S.), Imation Corporation (U.S.) and so on.

Consumer electronics and Military, Defense & Aerospace (MDA) are the major applications for hardware encrypted products. But since the storage devices are inevitably used in almost all the application sectors, the Total Addressable Market (TAM) for hardware encrypted devices is very huge.

This report is focused on giving a bird’s eye-view of the complete hardware encryption industry with regards to the products market with detailed market segmentations; combined with qualitative analysis of each and every aspect of the classifications done by semiconductors, products, applications, sub-applications, verticals, and geography. All the numbers, both – revenue & volume, at every level of detail, are forecasted till 2018 to give a glimpse of the potential revenue base in this market.
As VoIP technology becomes more heavily integrated into the workplace, so too do the opportunities for hackers.
Voice information during a VoIP call is generally
routed unsecured through data packets on a public
network. There is software that can capture, reconstruct
and/or modify these sensitive voice conversations.
Standard VoIP implementations offer numerous
undesirable opportunities for creative hackers [6]:
- Eavesdropping and recording phone calls
- Tracking calls
- Stealing confidential information
- Modifying phone calls
- Making free phone calls
- Pranks / Practical jokes
- Board room bugging
- Sending spam (voice or email)
There are currently several competing VoIP
standards in the market (such as SIP [7], IAX [8] and
H.323 [9]), and very few practical security standards
available to secure them. Furthermore, many
enterprises that have adopted VoIP technology have
not been able to effectively secure these solutions as a
result of multi-vendor incompatibilities [10].

Hardware Encryption Market – By Algorithms (AES, RSA), Architectures (FPGA, ASIC), Products (Hard Disk Drives, USB Drives and In-Line Encryptors), Applications, Verticals and Geography – Analysis & Forecast (2013 – 2018)

Today’s IP news roundup highlights some of the latest headlines in VoIP, unified communications and more:
Infonetics Research revealed that the global VoIP market is expected to rise from $63 billion in 2012 to $82.7 billion by 2017. Their latest “VoIP and UC Services and Subscribers” market share and forecast report also stated that the use of SIP trunking jumped 83% between 2011 and 2012, as more multi-site businesses adopt it for flexibility and cost savings. Meanwhile, hosted VoIP and unified communications services revenue increased 17% in the same time period. For more information on the VoIP services market, see the Infonetics press release.
Your employees are the biggest threat to your network. AlgoSec’s “State of Network Security Policy Management” survey revealed that 64.5% of respondents believe that insiders pose the biggest risk to their organization. According to an article on the Channelnomics blog, “Respondents cite the bring-your-own-device (BYOD) trend as a major source of security breaches, while 40 percent report employee devices increase the overall risk of network and application outages.” Meanwhile, 60% of respondents cite “poor processes and a lack of visibility into security policies as one of the most significant obstacles to accurately detecting security threats.” For more information on the “State of Network Security Policy Management” survey, see Channelnomics.
New e-book outlines ways to secure your network and support your mobile workforce. The Business 2 Community blog ran an excerpt from Avaya’s 2013 Guide: TheCollaboration Trends, which outlines ways to protect your network from hackers when you adopt unified communications. According to the article, “Researchers at Avaya’s VIPER Lab and NACR have found that an unprotected IP phone gateway will be found and broken into by hackers located anywhere in the world within a week. Our research shows you can expect hackers to use your corporate network to rack up about $2,000 worth of fraudulent calls in just 8 hours–or half the time between the end of one workday and the start of the next one.” However, a number of security measures, such as encrypting your VoIP calls and using session border controllers, can help keep the hackers out. For more information on how to protect your network while supporting unified communications, see the Business 2 Community article.
- See more at: http://blog.allstream.com/the-voip-market-is-expected-to-hit-82-7-billion-by-2017/

2014 Market Share, Size, and Forecasts: WW, NA, EMEA, APAC, CALA
Equipment and Software
Enterprise Unified Communications and Voice Equipment (Q)
Enterprise Telepresence and Video Conferencing Equipment (Q)
Enterprise Session Border Controllers (Q)
Services
VoIP and UC Services and Subscribers (A)
Business Cloud VoIP and UC Services (A)
SIP Trunking Services (A)

Scorecard
North America Business VoIP Service Scorecard (A)

North American Enterprise Surveys
SIP Trunking and eSBC Strategies (A)
UC Cloud and On-Premises Strategies and Vendor Leadership (A)

Continuous Research Service
Analyst Research Notes: VoIP, UC, and IMS (O)

How to check if your Hosted VOIP PBX is Secure?

Are You Using a Hosted VoIP System? Investigate It As soon as possible.

Has the service provider provisioned your voice services with security in mind?

Evaluate services such as VLAN configuration, user authentication, and encryption, as well as the security of configuring and signaling methods. Also investigate any HIPAA, SOX, PCI, or other compliance guidance that may apply.


A client of our hosted contact center service wanted voice encryption on its phones because it’s highly protective of its data and it’s also subject to regulatory compliance

,” says XYZ, CIO at (NDA company signed). A Cisco Registered Partner, USAN provides contact center communications and optimization solutions that give users flexible ways to engage customers across channels.
Secure Encrypted VOIP APP android solution made in Sweden
For this client, (NDA company signed) chose the Secure Real-Time Transfer Protocol (SRTP) because it’s easy for users to use, has less overhead than IPsec protocols, and does not cause any difference in voice quality, says XYZ, vice president of managed services.

“By integrating SECUMOBI micro SD card, we give the client a customized encrypted solution that implements SRTP based on the configuration file in their VOIP server that is associated with the phone’s MAC address,” says Elias KAI, co-Founder of SECUMOBI.com

WhatsApp Location unsecure to share with friends

Do not share your location with your friends on WhatsApp until this issue is fixed!

Published on Apr 13, 2014

http://cyberforensics.newhaven.edu

http://www.unhcfreg.com

When you send your location over WhatsApp, the location image is unencrypted! Do not share your location until this bug is fixed.

Researchers at UNH discover a bug in WhatsApp’s location sending feature.

Introduction

We recently discovered what we believe to be a flaw in the way WhatsApp sends location data when it downloads the location from google maps. The main issue is that the location image is unencrypted, leaving it open for interception through either a Rouge AP, or any man-in-the middle attacks. In the spirit of keeping the world a safer place, we felt that it is best to send this bug/vulnerability to the WhatsApp team directly, which we did. They responded professionally with the following message:

” Hello XXXXXX, Thank you for your report. We have already implemented this solution in the latest beta versions of our app. We will be rolling this fix out to the general public with the next release on each platform. If you have any other questions or concerns, please feel free to contact us. We would be happy to help!”

We would like to note that we think WhatsApp is a great application, and the reason for us publicizing this on the Blog is so that people will not share their location on WhatsApp until this Bug is fixed.

Below we describe our experimental setup, the results, and the ramifications.

Network Forensics Experimental Setup

The mobile traffic was captured using the Windows 7 virtual wifi miniport adapter feature. The host computer was connected to the Internet via an Ethernet cable so that the wireless card was not in use. The Ethernet connection was set to share its Internet access with the virtual wifi miniport adapter — this helped us mimic a Rouge Access Point (AP). We were now able to capture the traffic over the wireless network using NetworkMiner and Wireshark. This is explained more elaborately in the posted video.

Results

When sending a location over WhatsApp we were able to reconstruct the location image that was sent as shown in our video. We note that the capturing of the location seems to occur only when the image was downloaded from google maps to be sent. The source was listed as google maps and the destination was the IP of the tested phone. We were not able to intercept the image until the message was sent from the phone, indicating that the download of the image did not occur until the message was actually sent. To validate our results, we ran multiple different experiments, and in one case, we installed tcpdump on the phone device, and found similar results.

Solution

When the image is being downloaded from google maps, it should be done over an encrypted tunnel.

Ramifications

Anyone, including the service providers will be able to collect this information — and anyone that sets up a rouge AP, or any man-in-the middle attacks such as ARP poisoning will be able to capture this unencrypted traffic and view the locations being sent from a phone.

Category

Science & Technology
License

Standard YouTube License

Thumbnail47:33 Lumea lui Banciu – 14 aprilie 2014 – emisiune completa by B1TVChannel 1,702 views
Thumbnail45:49 The End of the Universe: Big Crunch, Big Chill or Big Rip? by HD Universe Channel 257,066 views
Thumbnail5:23 Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted by UNHcFREG 5,839 views
Thumbnail3:18 HOW TO Spy on Whatsapp messages (100% FREE) MUST SEE ,MUST HAVE by MrWakeupProductive 191,719 views
Thumbnail12:31 Jordan Belfort: “Insanity happens.” by CNN 340,196 views
Thumbnail1:10 [HD] Nivaldo Prieto chora ao falar de Luciano do Valle | Gol | 20/04/2014 by RenJG+ 8,927 views
Thumbnail58:52 Strain Hunters India Expedition (FULL HD MOVIE) by greenhouseseeds 2,267,676 views
Thumbnail5:07 Dard Dilon ke Kam Ho Jaate Full SOng Lyrics.. | The Expose by pria songs 79,857 views
Thumbnail12:03 Nokia X Unboxing + Full Demo and First Impressions (White) by Danny Winget 37,579 views
Thumbnail3:51 ULTRA STREET FIGHTER IV プレイ解説 ヒューゴー編 by taitochannel 26,490 views
Thumbnail3:06 Bebezinho Discutindo Hora de Dormir Com o Pai !!! by lucianolusela 81,953 views
Thumbnail4:35 WhatsApp para PC (YouWave 4.1.1 FULL) 2014 by Tuto.Ze.Bra 10,450 views
Thumbnail52:52 Angra 2001 Rebirth Full Album by Roberto Silveira 31,689 views
Thumbnail23:15 Top 20 Best Android Apps 2014 by Explore Gadgets 532,879 views
Thumbnail1:26:39 Malware Hunting with the Sysinternals Tools by TECHED 26,651 views
Thumbnail9:49 TEENS REACT TO SMARTPHONES by TheFineBros 4,134,219 views
Thumbnail1:04:29 Night Of a Thousand Laughs |Volume 16| by AFRICAplus TV 190,002 views
Thumbnail12:05 Climate Change 2014: Impacts, Adaptation, and Vulnerability by IPCCGeneva 17,323 views
Thumbnail5:03 Top 5 Worst Phones Ever! by Austin Evans 1,727,765 views
Thumbnail21:30 Octodad – Dadliest Catch – Aquarium [3] by iBallisticSquid 773,250 views

YouTube home

About
Press & Blogs
Copyright
Creators & Partners
Advertising
Developers
+YouTube

Terms
Privacy
Policy & Safety
Send feedback
Try something new!

Is VIBER Secure? Images, Videos Vulnerabilities Hacking time


Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted

All comments (11)
Share your thoughts
Stream
tawfikakkad
18 hours ago

bbm is the best ,, thanks for your video 
Reply
·
Institute of Information Security via Google+
1 day ago

Researchers find security flaw in #Viber messaging app that allows un-encrypted data transfer between users. http://goo.gl/2HTqiG #infosec
Reply
·
1
Mian Muhammad Arif via Google+
2 days ago (edited)

Feel good that i am not one of those who love these crappy apps(and many more) for messaging. #whatsapp #viber
Reply
·
Ahndee92104
23 hours ago

Viber by far is not the only one – “GV Mobile +” on the iPhone has the same issue (as easily seen by looking at the screen shots on the AppStore)
Reply
·
1
Cisco Wolf via Google+
1 day ago
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

https://thehackernews.com/2014/04/vibers-poor-data-security-practices.html

Reply
·
@androbeee
1 day ago

Köszi #viber :/
Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted 
Reply
·
UNHcFREG
2 days ago

Reply
·
Robert M. via Google+
1 day ago

Reply
·
Christopher Burgess
1 day ago

If you use VIBER please read and heed
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

https://thehackernews.com/2014/04/vibers-poor-data-security-practices.html

4
Balázs Szabó via Google+
1 day ago
@androbeee originally shared this

Köszi #viber :/
Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted 
Reply
·
1
Nena D’mente via Google+
1 day ago
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

https://thehackernews.com/2014/04/vibers-poor-data-security-practices.html

Encrypted Chat Messages & Voice Calls by SECUMOBI.com

SECUMOBI has launched to a private circle, governmental agencies and business partners a unique encrypted mobile communication solution.

You could subscribe to SECUMOBI services and receive a micro sd card that you can insert into any Android mobile phone, download the VOIP Chat messaging app, enter your pin code and start securely communicating with private contacts that has also SECUMOBI.

SECUMOBI http://secumobi.com is offering a highly secure AES 256-bit encryption and aiming to become the secure global communication VOIP – VOLTE operator.

Secure Encrypted VOIP APP android solution made in Sweden

SECUMOBI IS YOUR SECURE MOBILE COMMUNICATION PRODUCT WITH THE FOLLOWING UNIQUE FEATURES

Confidentiality and Privacy by a Swedish company

SecuMobi provides end-to-end encryption of calls and messages between SecuMobi users with “perfect forward secrecy” by generating a unique encryption key for each call. Security card performs all cryptographic functions, including encrypting the speech stream.

Authentication

Local storage of public keys used authentication by a user.
Support for offline verification of credentials to ensure user identity

SECUMOBI Usability

User friendly – works like a regular mobile phone
Individual phone books give freedom to call anyone who has SecuMobi.
Configurable settings to customize the application according to personal preferences
Separation of advanced setting
Ability to configure auto-start when the phone is switched on
Always works when mobile data is working. The subscription must allow Internet telephony , such as Skype
Discreet – used on ordinary mobile phones without external accessories
Is always ready to use
Support selected Nokia Symbian S60 phones ( SecuMobi 3)
Supports Android 2.3 Gingerbread and 4.0 Ice Cream Sandwich ( SecuMobi 4)
Fast call setup and minimal latency due to unique encryption technology

Communication

Verified for use in the EDGE network and better. Often function even in the GPRS network
Supports STUN / ICE to get through firewalls
Configurable support for keepalive in mobile networks and WiFi networks

Security

All safety features are available on the safety card
Bluetooth disabled during secure conversations
Encryption is based on hardware tokens , a secure μSD card with integrated crypto – processor
Private and public keys are generated on μSD card. The private key is protected and never leaves the card.
Protection against attacks from the side channels
Security Profile compliant with the recommendations of the NSA Suite B
Authentication through ECC 384
Speech encryption based on AES 256 with unique key for each call.
AES 256 and digital signatures to protect the storage of messages and phone book.
Fixed bit-rate codec
Access to the card is protected by PIN and PUK codes

Deliverables

SecuMobi product package consists of:

A safe μSD card
A mobile app , downloadable from the server
PIN and PUK card security

TECHNICAL SPECIFICATIONS FOR SECUMOBI

SecuMobi client uses the SIP protocol service offered by Exformation as a globally available service or as a customized solution with a customer-specific server. For distribution outside of the EU, permission must be granted for export to the purchaser and end user certificate must be issued by the client.

SECUMOBI micro SD Security Card

Gisecke & Devrient Secure mobile card Voice Edition 2.0 Smart card in μSD form factor Advanced protection technology security cards including side channel attack.
SD flash memory , 2 GB
Cryptographic Processor on board
Key generation on card
FIPS certified
The security module hardware is Common Criteria certified IAL 5

SECUMOBI: Real time Encryption in Voice Calls and Chat messages communication

Authenticated Diffie- Hellman 384 bit elliptic curve cryptography
AES 256 -bit keys for encryption of calls and text
Unique key for each call – Perfect Forward Security
PIN -protected services in the security card
The third level of protection of SECUMOBI software application is also the protection of the devices used for calling, that is protection against spy softwares. During every call the SECUMOBI VoIP application continuously monitors the device used for the conversation in order to ensure that no other software can access the voice signals. In case the SECUMOBI VoIP application detects a spy software on the phone, it turns off immediately.
The special closed secure VOIP SECUMOBI network, the unique cryptochip protecting the network keys and the application protecting the phone, together guarantee the security of SECUMOBI susbscribers calls.
It is possible to customize the key length and ECC parameters to create fully closed user groups or customize safety profile.

SECUMOBI Secure VOIP Voice Call Quality

Last AMR technology not using VBR
High call quality worldwide in networks supporting EDGE or better
Low Delay
Fast call setup
Can also be used in GPRS network
Mobile Handset compliance

Most phones using Android 3.2 and 4.0
Nokia S60 3rd edition feature pack 2 handsets with Symbian 9.3 , E52 and E72
Requires telephone with room for μSD card
SecuMobi compatibility with Windows 7 PC is in progress. Blackberry and Windows Mobile 7 has been evaluated

Power and network

Low Power Standby
Low power consumption from security card.

You can download and start using SECUMOBI http://secumobi.com

Learn how to encrypt your internet communication

Learn to Encrypt Your Internet Communications
Always remember that anyone with access to a wire or a computer carrying your communications, or within range of your wireless signal, can intercept your Internet communications with cheap and readily available equipment and software. Lawyers call this wiretapping, while Internet techies call it “packet sniffing” or “traffic sniffing”. The only way to protect your Internet communications against wiretapping by the government or anyone else is by using encryption. Of course, it is true that most encryption systems can be broken with enough effort. However, breaking modern encryption systems usually requires that an adversary find a mistake in the way that the encryption was engineered or used. This often requires large amounts of effort and expense, and means that encryption is usually a critically significant defensive measure even when it isn’t totally impregnable.

Encryption, unfortunately, isn’t always easy to use, so as in other cases, your decision of whether to use it will pose a trade-off: is the inconvenience of using the encryption worth the security benefit?

The occasional inconvenience posed by some encryption systems is counter-balanced by the fact that encryption will protect you against much more than overzealous law enforcement agents. Your Internet communications are vulnerable to a wide range of governmental and private adversaries in addition to law enforcement, whether it’s the National Security Agency or a hacker trying to intercept your credit card number, and encryption will help you defend against those adversaries as well.

Also, as described in later sections, encrypting your communications not only protects against wiretapping but can also protect your communications while they are stored with your communications provider. So, for example, even if the government is able to seize your emails from your provider, it won’t be able to read them.

Considering all the benefits of encryption, we think that it’s usually worth the trade-off, although as always, your mileage may vary depending on your tolerance for inconvience and on how serious you judge the threat of wiretapping to be. In some cases, using encryption may not be inconvenient at all. For example, the OTR encryption system for IM is extremely easy to set up and use; there’s little reason not to give it a try. Check out the following articles to learn more about how you can use encryption to protect your internet communications against wiretapping, as well as against traffic analysis using pen-trap taps.

Wi-Fi. Using encryption is especially critical when transmitting your Internet communications over the air using Wi-Fi, since pretty much anyone else in the area that has a wireless-enabled laptop can easily intercept your radio signals. This article will explain how to encrypt the radio signals sent between your laptop and a wireless access point.

Virtual Private Networks (VPNs). Virtual Private Networks or “VPNs” are a potent encryption tool allowing you to “tunnel” communications securely over the Internet.

Web browsers. Some of your web communications can be encrypted to protect against traffic sniffing. Take a look at this article to learn more about HTTPS, the most common web encryption standard, as well as other browser security and privacy tips.

Email and IM. There are a number of powerful tools available for encrypting your emails and your IM messages; take a look at these articles to learn more.

Tor. Tor is free, powerful, encryption-based anonymizing software that offers one of the few methods of defending yourself against traffic analysis using pen-trap taps, and also provides some protection against wiretapping. Visit this article for all the details.

source: https://ssd.eff.org/wire/protect/encrypt