Author: Tobias Mitterfellner

Why information security is our duty

--Originally published at Tobi`s Blog

In an world where government surveillance and data bought from companies is used to stop protest movements, to guide the public opinion and to stop progress we all need to secure our data to keep the world turning. Otherwise we loose our influence on the future and give all the power to governments and companies. This is undermining the principles of democracy.

It’s not sufficient to just harden yourself. I’ll give you some examples.

I refuse to back up my phone numbers to all the companies who are trying to push me to. But what does it help when everyone else doesn’t. The mapping of social connections is completed eitherways.

When only a few use encryption, its them who are suspicious. If everybody does no one is, or all. Sadly the latter is the common mindset of intelligence agencies.

Extremely stupid Facebook games of thirdparties are getting access to our data when we accept to use them. You’re not using them? Well, defintely a bunch of your friends does…

Today the technical means we have are beyond those mentioned in dystopian litarature.
Face recognition, cameras at every corner, social network mapping, profiling, position tracking via Smartphone and many more are reality.

I don’t want to live in a world where I run into problems for
what I read, talk about with friends or even just think.

Conclusion? Please care for your privacy and let people know!!!

P.S. Very interesting talk about government surveillance

Photo credit: Jay Phagan via VisualHunt.com / CC BY

 


Plausible Deniability in Cryptography

--Originally published at Tobi`s Blog

Let’s start with a little metaphor. Over the weekend we rented a big ass familyvan to drive into the mountains over the weekend. Stupid decisions brought us to a steep muddy path, where we messed around a lot and finally got stuck. Obviously…
Finally we rescue the van somehow, but it really looks like shit. So when we return the van to the unnamed car-rental. The guy gets biiig eyes when he looks at our van and wants to know what we did. He even orders a mechanic to check if we broke it. Big hassle.

What does that have to do with Encryption?
Well, when you’re for example crossing borders and have your encrypted harddrive with you the officer might get big eyes as well and things can get a bit complicated for you. You’ve encrypted your drive, so “obviously” you have something to hide, are lying and a terrorist. Be creative…
Some countries do have a really negative attitude towards encryption.

To come back to the van, if we’ve had cleaned it, no one would have gotten any suspicions.

So how do we achieve that with our encrypted drive?

One method is steganography. The art of hiding a file in another file. So if someone has a look over your data he will be like:

“Oh a video with 4GB”                ‘clicks on it’       the video runs                    Nothing suspicious here

There is no reason to dig deeper. But if you open it with Veracrypt you’re prompted with: “Please enter Password”.

One way to achieve this is described here:
http://keyj.emphy.de/real-steganography-with-truecrypt/

Well implemented steganography is the master’s way of plausible deniability, because there is even to closer look, no hint of an encrypted container.

Another way is to use Veracrypts hidden container in a container. The second container is

Continue reading "Plausible Deniability in Cryptography"

How this will start

--Originally published at Tobi`s Blog

I’ll be complaining about a lot of stuff that completely freaks me out, sprinkled with things I love. Call it hatespeach with positive touch ?
As there are a lot of things I passionately hate, those posts will most likely make up the majority. I’m pretty sure not to be the only one who has those antipathies. So let’s see where those annoyances come from, what’s the root and how we can get rid of them.

I’m awaiting your thoughts and suggestions.