Secure Online Communication

Knowing more and more about total survaillance the questions is raised, if there is a way, to have securely private e-mail.

This is what came to my mind just now. I am sure, there is missing a lot. Please add.

Since one should mistrust ANY data center (even if their customer / your server admin collective is trustworthy) the best solution is to host your own.

  1. First study internet privacy and make you sure you want to change your habits. For surfing use different browsers for different use cases and mind your browser fingerprint as well as behavioral tracking. Do not log in over TOR and avoid HTTP authentication.
    is to use hardware you can control physically and which has no implemented backdoors (like Cisco, Huawai etc.).
  2. Check out the Freedombox (blog) or similar and find a fellow who can set it up for you or at best who explains / helps you to set it up yourself. If you have none, make friends with hackers near you.
  3. Encrypt all partitions and unlock them via a local ssh session everytime it is started (at best restrict ssh access to your subnet).
  4. Plug the box at a trustworthy place and configure it to use DNSSEC and a VPN, for example Riseup (switch regularly if possible).
  5. Use only services with encrypted connections – HTTPS, XMPP over SSL.
  6. Avoid using e-mail and train your friends to use your XMPP (jabber) server. For documents, photos, online collaboration use a platform on your own box.
  7. By this your traffic is encrypted and cannot easily be traced to your IP address.
    Pages are transferred encryptedly via SSL/TLS/HTTPS. Beware that they will be recorded by agencies anyway in the hope to decrypt them later. So make sure, to change your certificate regularly and to wipe old ones (just in case your hardware is seized).
  8. Setup Redmine, Lorea, Crabgrass, Etherpad, Pump or whatever service you like.
  9. Go one step further: Publish your platforms as hidden service (conventional TOR exit nodes are by agencies for used for MITM ). If your ISP uses deep package inspection to censor TOR or VPN usage get into DUST.
  10. Try LEAP.
  11. Follow Jakob Applebaum and Bruce Schneier.

Maybe this checklist is overhelming – joining or founding a local online privacy group is worth a thought as well.

21st century’ privacy is a huge challenge we can master only by sharing our knowledge and empowering each other. The single steps have to be taken by every individually though. There is no trustworthy state to call for nor company to rely on.

continue reading on digital freedom by Bob Ham