I am upgrading the security of my communications while still being easy to use. I thought I would share what I currently use in case it is helpful to copy and I would appreciate comments.
I want end-to-end encryption so nobody can intercept what I am saying (unless they have infected my phone or computer, but that is another issue), and bonus points for making it so that it is unknown who I am communicating with and when (private metadata and traffic). Skype, phonecalls, sms/texts, slack and email are now known to not be private (at least by default) thanks to Edward Snowden. This is too bad since I still use these. (Slack is not end-to-end encrypted even for direct messages, which it could and should.) So far I have only partially achieved the first step: end-to-end encryption. I am migrating to:
- Signal for point-to-point instant messaging replacing sms and skype. Free software, free of cost, and open source, works on smart phones, and with a chrome-based desktop Signal app on my Mac (which is what I mostly use). It uses phone numbers as identifiers, which is kind of a pain. EFF friend called this “best of breed” for security. Small development staff. I have donated.
- appear.in for 1-on-1 and small group video chat that is end-to-end encrypted replacing Skype. This does not require a download or an account. Go to the homepage, type a bunch of characters to make a meeting room, then send the resulting url to someone and they can use that throw-away meeting room. Super easy. Uses webrtc (now standard in browsers), and https with it, they say it is end-to-end encrypted. They have a iphone app as well, but don’t know about security. This does not seemed designed for super high security, but seems to be pretty good.
- zoom.us for larger group video chats replacing Webex. Free of cost for most of my uses, easy to use (requires download, but is super easy) . It says it is end-to-end encrypted with a little lock icon when in use and encrypted.
- Facetime occasionally on my iphone replacing cellphone calls to friends with an iphone. Apple says that it is end-to-end encrypted.
- Thunderbird + Enigmail to sign all email, receive encrypted email, and sometimes sending encypted Email, with an organizational email server (archive.org not gmail). Enigmail is moderately hard to set up, I had help in a meetup. Cost free, and I believe free and open source software. I am donating.
- encrypted notes file (the mac Notes app) on my mac for high priority secure notes. It syncs the encrypted file with my iphone via icloud.
- Breadwallet, bitcoin wallet on my iphone, for small amounts of bitcoin for casual purchases. Super easy and a full wallet (does not hang off a server). Love this wallet. Cost free. I invested a tiny amount of money in the company– great guys.
- Torbrowser for private web browsing beyond Firefox’s Private browsing feature. Free and open source software, cost free. I have donated.
Any comments or ideas are welcome. I realize have traded off security for ease of use. I hope stronger tools get easier and I suggest we all invest in tools based on donations and development help. I wish I knew my mac and iphone were not compromised. Not sure how to do that.
I have tried ricochet as an instant messaging client that secures who I am talking to via Tor, easy to use, but few I know use it, so I don’t use it often. I have tried encrypting my email using pgp via enigmail but have run into trouble with others being able to read it, so I do not encrypt email by default. As an aside, encryption is related in a funny way to content-addressible systems, which is a different subject, but this is magic and the future.
—– From a commenter: —–
Web search: DuckDuckGo or StartPage.com. (thank you, Reinout)
Thank you!
In your list I miss that pervasive tool we all use: web search, what is your current practice with that (my various machines are set to DuckDuckGo or StartPage.com).
Thank you, you are right, I added that to my post.
searx.me is also nice!
@Kahle Please add HTTPS to your website using Let’s Encrypt! 🙂
thank you for the pointer to searx.me I will try it.
and https is the right thing to do. we have done that for archive.org and openlibrary. wish it were easier to do for all sites.
Assuming Trump requires back-door encryption keys, some kind of simple open source javascript encryption engine would seem prudent. Cut and paste from an email, then read. Of course, they might require java pattern locks (like those preventing you from scanning money) that might block java from running this code. Spy v spy.
Worse case, a one-time pad with keys distributed to friends on flash drives….
So sad.
On os/x it’s also easy to turn on full disk encryption (FileVault). Go to the “Security and Privacy” setting and turn on FileVault. If you do, be sure *not* to accept its offer to store the key in iCloud. Write down the “recovery key”, and hide it somewhere away from the computer. The security of this approach is based on the security of your normal login password, so if it’s lame, change it to something that can’t be guessed or brute forced easily
thank you! I added it to the http://blog.archive.org/2017/02/03/upgraded-secure-communications-applications-i-am-now-using/ version. I gave you credit, hope that is ok.