Your web traffic is being logged at many different levels. There are a few different options to re-implement your privacy (living off the grid excluded), and the Tor network has long been one of the best options. But what about when you’re away from you home setup? Adafruit has your back. They’ve posted a guide which will turn a Raspberry Pi into a portable Tor proxy.
The technique requires an Ethernet connection, but these are usually pretty easy to come by in hotels or relatives’ homes. A bit of work configuring the Linux network components will turn the RPi into a WiFi access point. Connect to it with your laptop or smartphone and you can browse like normal. The RPi will anonymize the IP address for all web traffic.
Leveraging the Tor network for privacy isn’t a new subject for us. We’ve looked at tor acks that go all the way back to the beginnings of Hackaday. The subject comes and goes but the hardware for it just keeps getting better!
[dimovi] had a spare LCD monitor sitting around and thought it would be great to convert it into a “privacy” monitor.
The process is simple enough for anyone comfortable with disassembling electronics. He took apart the monitor’s plastic frame, cutting out the polarized film with a utility knife. Once the film was removed, he spent some time removing the film adhesive from the glass panel using a combination of Oops cleaner and paint thinner.
He reassembled the monitor, which now shines a bright white regardless of what is actually being displayed on the screen. He removed the lenses from a pair of theater 3D glasses, replacing the plastic with the film he removed from the monitor.
Now, [dimovi] is the only one who can see what’s he is doing on his computer, which is just the way he likes it.
While there’s not a lot of magic going on behind the process, we think it’s a neat way to reuse an old monitor.
Most people tend to enjoy a certain modicum of privacy. Aside from the data we all share willingly on the web in the form of forum posts, Twitter activity, etc., people generally like keeping to themselves.
What would you think then, if you found out your iPhone (or any iDevice with 3G) was tracking and logging your every movement?
That’s exactly what two researchers from the UK are claiming. They state that the phone is constantly logging your location using cell towers, placing the information into a timestamped database. That database is not encrypted, and is copied to your computer each time you sync with iTunes. Additionally, the database is copied back to your new phone should you ever replace your handset.
We understand that many iPhone apps use location awareness to enhance the user experience, and law enforcement officials should be able to pull data from your phone if necessary – we’re totally cool with that. However, when everywhere you have been is secretly logged in plaintext without any sort of notification, we get a bit wary. At the very least, Apple should consider encrypting the file.
While this data is not quite as sensitive as say your Social Security number or bank passwords, it is dangerous in the wrong hands just the same. Even a moderately skilled thief, upon finding or swiping an iPhone, could easily dump the contents and have a robust dataset showing where you live and when you leave – all the makings of a perfect home invasion.
Continue reading to see a fairly long video of the two researchers discussing their findings.
[Image courtesy of Engadget]
Continue reading “iPhone watching every breath you take, every move you make”
Maybe you don’t want that one person that has barged into your life to know your private phone number? Could be a salesperson or a co-worker who you aren’t that impressed with, but have to get in contact with. Check out inumbr.
inumbr is a free online service that gives US users the ability to set up a unique phone number, have it forwarded to any number within the US and then have it set to expire without a trace when finished with it. The unique inumbr’s are never reused, and can be extended if longer terms are required. Users choose from a list of 22 area codes from major US cities like Chicago, Los Angeles and New York, select an expiry date and set a number that it should be forwarded to. When the term is up, the number is expired from the system, and never used again for any other user. If you wish to use the number at a later date, you can log into the inumbr system and reactivate it.
As we are becoming more and more mobile and security conscious, the desire for these types of services grows. A phone number can now be given out at will, with security and privacy remaining intact. Google Voice is a major player in this arena. A somewhat similar service, they allow for a unique number with voice mail to forward to other numbers at will, creating a masked or unidentified private number that can be used to give out to 3rd parties. inumbr makes this process simpler with the ability to cut off and reactivate numbers as desired.
With a new administration coming into power, the Electronic Frontier Foundation feels that it’s time for a change (see what we did there). They’ve posted an agenda that covers fixing privacy issues that have come to the forefront in the last eight years. It involves repairing amendments that prevent corporations from being sued for warrantless wiretapping. They would also modernize the Electronic Communications Privacy Act so that it would cover modern technology. The heavily abused State Secrets Privilege needs reform as well. Their final issue is with REAL ID and datafarming that many state governments have already rejected. If even a bit of this gets fixed, we’ll be happy. In any case, it’ll be good to have a more tech focused administration that doesn’t need the internet explained to it in terms of dumptrucks and tubes.
[photo: Jake Appelbaum]
Piratbyrån and their hearties from The Pirate Bay are on a pan-European summer journey that will end at the Manifesta art biennial in Italy, but in the meantime they’ve been hard at work lobbying for total network encryption, a system that would protect users of a network (say, a P2P network) from deep packet inspection and other forms of activity analysis.
The system by which this will be achieved is called IPETEE, and it works by replacing the basic operating system network stack and doing all encryption and decryption itself. More details can be found in the IPETEE technical proposal.
Ars Technica pointed out numerous holes in the scheme, noting that most torrent apps already have encryption options. IPETEE applies to more than just torrents, though, so the larger problem is that encrypted packet still need source and destination IP addresses, meaning that one of the most crucial things you’d want to keep private (your destination site) is still accessible.