Encrypted digital message software applications and services
Aug 23, 2010 at 1:46 AM Thread Starter Post #1 of 21
Welly Wu

Welly Wu

Headphoneus Supremus
Joined
May 16, 2003
Posts
5,165
Likes
12
I am interested in knowing if any Head-Fi members utilize instant messaging, chat, e-mail, VOIP, encrypted stealth web browsing, etc. software applications and services that feature strong cryptologic features (i.e., PGP, RSA, Blowfish, AES, RC5, SHA-1, MD5Sum, etc.) for the Microsoft Windows operating system. I currently use Hushmail, but it is limited to 2 GB of free storage which is sufficient for my personal usage. I would like to see a list of websites that offer what I am searching for. For what it is worth, I own a 1 GB Ironkey and I utilize a custom Mozilla FireFox that has built in hardware AES-256 bit plus Privoxy when I am in a public Wi-Fi hot spot that does not deploy any type of security or authentication process. The true reason why I am asking for help from community members is to generate more options for me to consider.
 
I hope that I get many detailed replies as this topic is closely related to my studies in computer security and cryptology. Thank you.
 
Aug 23, 2010 at 1:59 AM Post #2 of 21
Not to start an argument with others, but I think that the custom version of Mozilla Firefox combined with Privoxy and hardware AES 256 bit plus NoScript and Adblock Plus offers the strongest privacy and security of any web browser currently available. It does slow down the raw speed capabilities compared to a stock configuration of Mozilla Firefox though and that is the trade off that Ironkey users must accept. I may purchase a 16 GB Ironkey this Christmas 2010 from NewEgg though.
 
Aug 23, 2010 at 7:39 AM Post #4 of 21
Discussion is fine I think, unless you're telling someone the line-by-line source code of an encryption scheme.
 
http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States
 

Quote:
welly wu said:
I am interested in knowing if any Head-Fi members utilize instant messaging, chat, e-mail, VOIP, encrypted stealth web browsing, etc. software applications and services that feature strong cryptologic features (i.e., PGP, RSA, Blowfish, AES, RC5, SHA-1, MD5Sum, etc.) for the Microsoft Windows operating system. I currently use Hushmail, but it is limited to 2 GB of free storage which is sufficient for my personal usage. I would like to see a list of websites that offer what I am searching for. For what it is worth, I own a 1 GB Ironkey and I utilize a custom Mozilla FireFox that has built in hardware AES-256 bit plus Privoxy when I am in a public Wi-Fi hot spot that does not deploy any type of security or authentication process. The true reason why I am asking for help from community members is to generate more options for me to consider.
 
I hope that I get many detailed replies as this topic is closely related to my studies in computer security and cryptology. Thank you.
Click to expand...


Have a few questions for you here: What is this build Mozilla FireFox that you are using, do you have a link for it? By hardware AES-256, I'm guessing you're speaking of hardware accelerated AES, as it's impossible to "install" hardware encryption via software. Privoxy alone is simply a http parser/filter, are you using it in combination with TOR for anonymity?
 
It sounds like you may have proper encryption on the local machine but aren't encrypting/securing your connection to the internet. The only proper way to do that is some form of a secure tunnel (ie. VPN). Even then, it's only secure to the distant end, so you'd be secure to your home network or whatever server you tunneled to. The only way of having a fully encrypted connection is to have encryption enabled software on both ends.
 
Aug 23, 2010 at 9:07 AM Post #5 of 21
That is correct. The only secure VPN tunnel endpoint that I can connect to right now is at NJIT. Otherwise, using the custom Mozilla Firefox 3.6.8 web browser with hardware AES - 256 bits and Privoxy is effective to protect my ASUS computer only when I am at a public hotspot. PC World has step by step instructions on how to create a VPN while connected to public Wi-Fi hotspots on their website for Windows 7. However, I am interested in other digital message software applications and services that are more robust. Thanks.
 
Aug 23, 2010 at 9:35 AM Post #6 of 21
Do you have a link for your custom Firefox build and are you using Privoxy with Tor? 
 
I've used PGP for email encryption in the past with good results. For my laptop I have full disk encryption on the hard drive and use VPN when I'm on a wireless hot spot.In the past I have seen some plugins for chat programs for encryption but they have all required both ends to have it installed in order to work properly. Not convenient for most of my usage cases so I didn't bother researching any further.
 
Aug 23, 2010 at 9:59 AM Post #7 of 21
NoScript + Privoxy is a bit overkill methinks. I use NoScript + Adblock, which I find sufficient.  A VPN tunnel can be set up to a home machine on broadband, or paid colo or VPS server, but you get much the same result with one of those programs designed to surf the net anonymously, if they use encryption as well.  They tend to use Tor proxies, which I forgot which or whether they offer SSH as well.
 
I do have my email hosted with Google, which can be locked down to use SSH only, both on the web and over POP and IMAP, though the encryption isn't as strong, I don't see why anyone would care that badly to read my email.
 
Aug 23, 2010 at 11:16 AM Post #8 of 21
Useful stuff mentioned here. moriez praises the knowledged ones
rolleyes.gif

 
Aug 23, 2010 at 5:38 PM Post #9 of 21
Nebby,
 
You should navigate to http://www.ironkey.com and click on Ironkey Personal. That specific web page will detail Secure & Private Web Browsing along with the plethora of other features loaded into each Ironkey Personal device. They are really good products and I love mine. I will probably buy the largest capacity 16 GB Ironkey Personal from http://www.newegg.com .
 
Here is the link:
 
http://www.newegg.com/Product/Product.aspx?Item=N82E16820323020&cm_re=ironkey-_-20-323-020-_-Product
 
Would you consider purchasing one for yourself?
 
Quote:
nebby said:
Do you have a link for your custom Firefox build and are you using Privoxy with Tor? 
 
I've used PGP for email encryption in the past with good results. For my laptop I have full disk encryption on the hard drive and use VPN when I'm on a wireless hot spot.In the past I have seen some plugins for chat programs for encryption but they have all required both ends to have it installed in order to work properly. Not convenient for most of my usage cases so I didn't bother researching any further.
Click to expand...



 
Aug 23, 2010 at 6:36 PM Post #10 of 21
Ah, I see now. When you said it was a custom Firefox build with hardware AES, that confused me. From Ironkey's page on their Secure Sessions service, it's not clear if the usb key actually uses the hardware to encrypt the stream so I have to wonder if the vpn tunnel encryption is done via software.
 
Would I buy one? No, as I have no need for one. I already have programs that do the same functions on my computers and I see no need to pay for an expensive USB key to do the same things. I don't foresee myself using a computer that isn't mine to do anything that would warrant the use of one either.
 
Aug 23, 2010 at 6:53 PM Post #11 of 21
I received an e-mail message from their customer support department and they confirmed that their custom Mozilla FireFox web browser utilizes hardware AES-256 bits to encrypt the secured session. Then, it gets passed on to Privoxy for further stealth browsing. VPN capabilities are handled separately through modifying Windows 7 or by purchasing a subscription VPN server access. The July issue of PC World provides a short article on how to setup and configure a secure VPN within Windows 7 for web browsing at public and unsecured Wi-Fi hotspots such as public libraries, coffee shops, etc.
 
I may just very well do more research and subscribe to a VPN server. It would certainly help me to understand my CompTIA Security+ textbook and the NJIT MS IT Administration & Security degree program concepts with real-world application of theories and concepts.
 
Aug 23, 2010 at 7:23 PM Post #12 of 21
Good to hear that it uses their hardware chip for the encryption, I was thinking that it should but wasn't sure due to the wording. It's pretty easy to setup a VPN in Win7, Microsoft did a good job of improving the networking functions in it's latest and greatest.
 
Do make sure to finish your Security+ before this year ends so that it's a lifetime cert!
 
Aug 23, 2010 at 8:43 PM Post #13 of 21
Welly Wu: Do you know what Privoxy does?  I've used it for some years.  
 
Aug 23, 2010 at 8:53 PM Post #14 of 21
Currawong:
 
Yes, I do know what privoxy does because I read their website: http://www.privoxy.org/ .
 
Nebby,
 
I am going to buy a voucher through Certs4Less for the CompTIA Security+ SYO-201 exam and I will pass it on my first try before December 15th, 2010.
 
I practically have the textbook memorized in my head and I started studying it in February 2010. It is the most fascinating textbook that I have read in a long time because it speaks to my obsession with computer security.
 
Aug 23, 2010 at 9:15 PM Post #15 of 21
Ah the 201 test. I was in the transition phase and chose to take the 201. Not too terribly different from the materials I was studying before, but I was glad that I took some time to review the newer book. Having realworld experience also helped a lot. Good luck on your test!
 
From what I've read it seems like Privoxy is mostly a proxy with programmable filter settings. I guess by "stealthed" you mean it blocks the various ways of tracking a user? A browser's private browsing mode would do something similar to an extent. I actually used something similar back when I was on win95: http://en.wikipedia.org/wiki/Proxomitron it was quite handy for filtering.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top