2 posts tagged “encryption”

A great thing happened on the internet yesterday - the digg community retaliated against censorship, and in effect against the MPAA.

Some Background
A cease-and-desist letter was sent to a website that dealt with the cracking of the AACS encryption used on HD-DVD and Blue-Ray disks. Nothing big in that regard, except that the C&D letter contained the actual key used in the infringing material. As is the case with anything on the internet, the key was out, and there was no way to stop it from being spread (DeCSS, I'm looking at you!). In this age of social networking, such information would undoubtly make its way to sites such as Reddit and Digg. Of course, Diggnation, the podcast associated with Digg.com, is sponsored by HD-DVD.

The Fallout
As the key spread, articles were submitted to Digg like normal. The only odd thing was that posts relating to the magical hex number started to get deleted. Then users began to get banned. In an social circle were almost everyone is against censorship (not necessarily for piracy, just for fair use and against being censored), the digg community rebelled. Comments and stories containing the hex key flooded the site, and were being deleted by moderators in record time.

At one point, the entire front page of digg was nothing but stories about the number.This had gone far beyond just a number that the MPAA would like to have kept quiet, it had turned into a situation where people were being censored in a venue where there was normally nothing to stop them. Digg runs on the fact that the users decide what is a good story, what is a bad story, not the moderators (who, incidently, only step in to delete posts against their ToS). The C&D letter contained the key itself, and since legal documents are public domain, the number would never be completely locked away again.

Domain names were registered, cups, hats, and all sorts of materials ended up being host to the magical hex number. Because of digg, the key that the MPAA wanted kept quiet was everywhere now. In true internet fashion, like its predecesor DeCSS, the magical hex key has become an staple of the internet. Hell, the number even has it's own song now!

Digg Gives In
Last night, Kevin Rose made a post on his blog saying that digg will stop deleting posts and comments regarding the number. Digg may go down in flames or be buried under huge legal bills, or it may turn out just fine. Today, most of the posts are no longer about the number, but about how digg was deleting the posts and ultimately how the user community won.

I'm completely at a loss for what I want as my first post on Vox, so I'm going to put something up that I've been working on on-and-off for my Blogger blog.

I recently went on two trips, a wedding and then a business trip, and both involved getting internet access at the hotel. The hotel we stayed at at the wedding had free wireless internet, which was completely unencrypted and definately visable from the other hotels grouped around it. The second hotel had strictly wired internet which required me to sign up. Neither of them really gave me a huge amount of confidence in them keeping my information safe. What does one do? If you have broadband and a dynamic DNS account (I suggest DynDNS.org, I've used them for years without a problem), you have some options!

Remote Desktop

This is the easiest thing to set up. All you need is a broadband connection back home, a router, and a spare computer. If you don't want to spring for an extra Windows license for the machine, you can install Ubuntu Linux and use FreeNX to run a fully encrypted session through your home's internet connection. I prefer this solution over regular Windows XP Remote Desktop because it is faster, and there is less chance someone will hack your Linux box as opposed to a Windows XP machine sitting on the internet.

Tunneling via VPN

There are a couple of ways that people can tunnel their internet connection. The one that will give you the most control is a VPN. Both times I used OpenVPN to connect back home, and I did all my browsing via a remote Linux box. The tunnel kept everything encrypted just like a corporate VPN, and since I did everything through a remote computer's browser, there was no chance of my passwords being sniffed across the network. VPNing also does not restrict you to what is on a single machine. If you use iTunes or SlimServer to stream music across your network at home, you can access them just like you could if you were at home.

You can also have OpenVPN force all your traffic through the secure VPN connection. This way you do not have to set up a remote computer to do your surfing (in a normal non-tunneled VPN, all of your internet requests go through the ISP you are connected to, in this case the hotel). This is fine as long as you don't do any large downloads as that will quickly kill your VPN's bandwidth.

To set this up, I recommend replacing your home router with an IPCop linux router and installing the Zerina OpenVPN plugin for it. This will set up a VPN server (and a much nicer router than what most $50-$100 routers are) in less than 30 minutes. For your clients, you can install the command-line OpenVPN client for Linux (Ubuntu/Debian users should be able to just do a 'sudo apt-get install openvpn' if you have the extra repos set up), and Windows users can use the OpenVPN GUI.

TOR + Privoxy

This is a good last-ditch effort if you don't have broadband at home or can't set up either of the above options. TOR (The Onion Router) is a software router that takes all of your traffic through other random TOR servers out on the net. What this does is find a single TOR server, sends the request to it, which finds another TOR server and sends the request through it, so on and so on until you reach your destination. Slow, yes, but it gets the job done.

Privoxy allows you to set up a SOCKS4/5 proxy to filter different programs through TOR. You can point your IM programs, browsers, or anything else that supports SOCKS proxies to your local Privoxy install, which then pushes it through TOR. Brilliant! This will not speed up a TOR connection at all, but it gives you a good measure of protection from packet sniffers.

Well, I hope that this helps those road warriors out there a bit. In this day and age, the tools to do identity theft are free and getting easier and easier to use. The above suggestions on keeping your information private should help keep you a bit safer when it comes to the internet.