QuickCrypt is a small portable Windows program to encrypt and securely wipe your files, this freeware program is very easy to use, implementing an encryption algorithm that is uncrackable, AES256-bit, if you lose your password there is no way to get your file back. To run QuickCrypt you will need to have Microsoft .NET Framework installed in your computer.
One of its best features is being able to hookup the encrypted file with the computer where it was created by adding a System ID to the encrypted file unique to that computer, this makes it impossible for somebody to decrypt the proprietary .qcf encrypted file unless they are using your own machine. You can also create an automatic .zip file after encryption and add a comment visible to the person decrypting the file, the comment could be a hint to the decryption password or greeting.
Windows file encryption AES256 QuickCrypt
A QuickCrypt feature I have not seen anywhere else is being able to set an expire date to an encrypted file. After setting this up, if a file has not been decrypted within the specified number of days or months, it can no longer be decrypted. There isn’t any technical explanation with QuickCrypt but I am assuming that to accomplish it the decryption program checks for a date in the headers before decrypting the file.
This is a simple but powerful file encryption program. Most useful to send files to your friends via email but they will need to be using the same program to decrypt the data and the password will have to be transmitted in a secure way, not easy to do. You can also use QuickCrypt to wipe files, going into “Tools>Erase Files” opens up a new window where you can drag and drop anything that has to be securely shredded with up to 40 passes.
There are plenty of free file encryption programs out there, my favourite one is 7zip but choices are good and QuickCrypt could be one more option for your cyber arsenal if you trust closed source software and the developer skills of which very little is known.
Every time you enter a URL in your computer browser a DNS query takes places and asks your Internet Service Provider to translate the typed in letters into an IP address so that you can visit the website, this is what is called a DNS query and if you happen to be in a country that censors the Internet or practises mass surveillance the sites you visit can be watched in real time. It is also possible for a spy agency or malicious hacker to sit in the middle of DNS queries and show you a fake website when you try to visit certain URL, then proceed to capture your login and password or serve malware to your computer.
The most common use for DNS monitoring it is Internet filtering, schools and companies do this to fend off adult material and the Chinese Great Firewall does this to block news websites about the Tibet.
The programs below come preconfigured with dozens of free DNS servers, a few of them have built-in parental controls to protect your kids, others offer censorship free DNS queries and do not log any activity, with the most security conscious offering encrypted DNS queries. The advantage of using one of these programs to change your ISP DNS servers, over doing it manually, is that it only takes one click and you don’t have to search DuckDuckGo for free public DNS providers.
ChrisPC DNS Switch: It comes with more than two dozen free DNS providers, one drop down menu allows you to select the network adaptor and another drop down menu classifies the DNS providers into “Anonymous” (no logs), “Family Safe DNS” (URL filtering), “Secure DNS” (malware filtering), “Regular DNS” and “Custom DNS” where you can manually enter the name server you would like to use.
ChrisPC DNS Switch
DNSCrypt Windows Service Manager: A DNS encryption only DNS changer, it helps you configure your network adaptor with one of their supported DNS encryption providers. At the moment consisting of DNSCrypt.eu in Europe and claiming to keep no logs, OpenDNS in the USA, CloudNS in Australia and OpenNIC in Japan. You are also given the option to choose UDP/TCP and IPv4 or IPv6.
DNSCrypt Windows Service Manager
QuickSet DNS: A minimalist Windows utility to change the DNS settings of your computer or router. This is one of the few DNS changing utilities that allows you to change your router DNS using a graphical interface. Optionally you can also use QuickDNS from the command line.
QuickSetDNS
DNSJumper: Windows DNS graphical interface where you can select the DNS of your choice out of a long list of public DNS servers (Comodo DNS, Norton DNS, Google DNS, etc). To change DNS settings often the program lets you flush the previously applied name servers with the click of a button.Clicking on the “Fastest DNS” button will automatically find the most expeditious name servers for you.
Name Server changer DNSJumper
If you are using a VPN to encrypt your connection your ISP could still be able to see what sites you visit monitoring the DNS servers, this is know as DNS leak. To avoid this risk you should change the default DNS servers in your router or computer. For extra security you should select a DNS provider that encrypts queries, it is the equivalent of HTTPS for DNS.
Note: If the DNS program does not have a DNS flushing button you can flush your DNS cache manually in Windows with:ipconfig /flushdns
KwikDesk is a self-destructing social messaging platform to share short Twitter like messages with hash tags and a limit of 300 characters. Unlike Twitter, to use KwikDesk you will not be asked to fill in a form, you don’t have to pick any username or password, KwikDesk connection is encrypted with SSL and the website claims not to track IP addresses.
In exchange for this anonymity, you will lose functionality, you won’t be able to create a profile and following one to one conversations will be more difficult than it is in Twitter.
KwikDesk web app is fairly elementary, you type in a message, select after how many days the message should be self-destructed and add a hashtag so that others can find it, without people knowing what hashtag to type in the message will remain hidden. After somebody reads the message they can quickly reply using the same interface or publicise it in Twitter with their own Twitter account
Twitter alternative KwikDesk
The main difference in between KwikDesk and a self-destructing notes site is the hashtags. You don’t have to send a link to your hidden messages, people only has to go to KwikDesk type in a hash tag and all of the messages classified under it will appear.
There is a Chinese version of KwikDesk and as proof of concept it is great but if the website becomes a nuisance it could be blocked by a government or denied access with a distributed denial of service attack. Maybe the upcoming KwikDesk powered OneOne iPhone app will solve those flaws.
IONU is a new messaging tool for Windows, Mac OS, Android and iPhone, the program can be used by individuals or an organization that needs central administration capabilities.
During the Windows installation you will be given a warning that the digital signature is not valid and the publisher can not be verified, the installer will also automatically download Microsoft Visual C++ runtime libraries if they are not present in your system.
Secure private messenger IONU
Account creation was relatively easy, just pick a username and a passphrase. IONU will force you to utilize a minimum of 8 characters password that combines letters and numbers. You will have to add three security questions for password recovery and a link is sent to your email where you have to click to confirm that you own that inbox. If you use IONU in multiple devices, like mobile and desktop, data will be synced across them without you doing anything, a central IONU server manages the data and updates your client when you first login.
In order for people to be able to find you in the messenger, you will have to set up an account identifier with your email address, name and phone number, if somebody wishes to connect with you they only need to search for this information and send you a friend request. It is not necessary to make visible your phone number an email, you can just use a nickname, privacy options can be managed in the client settings.
You can only communicate with people added to your contacts list, this stops spam. Chat messages and file transfers are encrypted, IONU says that they have no way to read the chat even if they wanted to and you get delivery and read reports, with an optional “Vanish” function that sets an expiry date to your messages, after which they will no longer be readable. The program can also be used to encrypt data to the cloud, it supports Dropbox and Box.
I could not find any detailed explanation about IONU security specs and a central server forwarding the messages is always a concern in case it is ever compromised, adding that IONU is an American company and the history that USA companies have of being subject to NSA spy gagging orders. The company says it is not viable for them to decrypt anything for anybody but I was not totally convinced that a government can not force them to mess with their server to download malware or something else to a target customer .
Android encrypted messenger IONU
Assuming you trust IONU claims that they aren’t able to read anything and you trust the encryption scheme they are using is safe, it seems like a good app to have private conversations out of the reach of malicious hackers sniffing packets on your network and a good way to protect your privacy by sending lapsing messages that can not be saved, although metadata should still be available in IONU servers, like login connection times and computer IPs.
If your main concern is protection from criminals, IONU is a far better option than WhatsApp or Yahoo Messenger, if you are up against the NSA, I would look for another solution like the Torsion messenger for anonymous chat over Tor, or a program that has no central server managing messages.
Chadder is secure Instant Messenger app for Android, Windows mobile and iOS (soon to be realeased), launched by a joint venture in between McAfee antivirus founder John McAfee and Internet privacy start-up Etransfr.
Chadder encrypts messages with public key cryptography taking place in the background, the user does not have to deal with passwords, other than his own Chadder account password and there are no encryption keys to manage. The best of Chadder traits is that it is as simple and easy to use as Vibe but with added security and unlike WhatsApp it is not owned by NSA friend Facebook CEO Mark Zuckerberg.
Private messaging app Chadder
When you send an instant message in Chadder the encryption keys used to cipher the message are directly forwarded to your contact, the Chadder server only receives the encrypted message, the company has no way to read it, they never have access to the encryption keys. Your contact is forwarded the encrypted message and only him will be able to decrypt it with the encryption keys you forwarded separately to his mobile device.
I liked how easy it is to register with the service, picking up a username and a password gives you a Chadder account straight away without any waiting period or verification.
When you first launch the program a tutorial tour guides you through the intuitive features, consisting on how to add contacts and where to access settings by taping on a wrench icon to go to your profile. Users profile is set to private by default, changing it to public will make it easier for others to request a connection typing in your name, email address or phone number. A more private way of connecting with somebody is by generating a numeric code that you can post anywhere. You will not be able to exchange private messages with people until you both have agreed to be added as friend first
The service is still in beta and features kept to a minimum, for example, there are only two available avatars called “Boy” and “Girl“, you can’t upload a custom one. More relevant missing functionalities that Chadder does not offer are group chat, visible message delivery notifications and vanishing messages.
My view is that they have released this app too early but the proof of concept seems fair. Until they release a more advanced version, I will stick with Wickr for secure mobile phone communications.
AirChat is a free open source program developed by the Anonymous hacking group to anonymously communicate with other people over the air waves. To be able to use it you will need a ham radio with the open source Fldigi modem controller connected to your laptop or desktop computer.
AirChat transmits data using a radio connection, there is no need for Internet infrastructure or mobile phone network coverage. Sending data over the air waves has been possible since the invention of radio, as the Morse code pulses over the airwaves proved. Amateur radio operators send each other data messages daily with just their radio equipment, the Anonymous collective is not devising any new technology, what they do is to add privacy and security to something that already existed.
AirChat encrypted ham communication
The main problem of sending data packets over the airwaves is lack of bandwidth, that makes this technology slow and only suitable for low bandwidth voice, text chat and low resolution photos, the developers admit that they have traded bandwidth for greater security.
AirChat encodes data inside air waves with Anonymous own Lulzpacket protocol handling integrity and encryption. Due that in some countries encrypted airwaves over specific frequencies are banned, you are given the choice of sending the data unencrypted to avoid breaking the law. Other legal considerations are that ham radio operators must be licensed to operate on amateur radio frequencies, that will put you on a government list but this is not necessary if you only plan on listening in.
When you transmit data with AirChat there is the option to send it to nearby contacts unencrypted or broadcast it encrypted with a public key encryption that only the receiver will be able to decrypt with his personal private key.
The reason for Airchat is to stop a government switching off the the Internet to stop a protest group, like it has happened in the past during the Arab Spring revolution. An added benefit is that, as far as the top secret documents leaked by Snowden reveal, the NSA spying scheme only monitors the flow of data over the Internet and not the airwaves.
There are other similar projects that allow you to exchange data with other people without an Internet connection, like Commotion Wireless, but their data transmission range is limited. AirChat developers claim to have used their software to send photos 180 miles away through the airwaves without any Internet connection. And you don’t have to worry about hardware MAC addresses identification, that ID is not passed on to any access point like it happens when you use Wi-Fi.
Something to know about amateur radio (aka ham radio), is that it is illegal to broadcast over licensed frequencies, if you did you could interfere with commercial radio stations, airports and emergency services. Broadcasting on licensed frequencies will attract the authorities attention, they will track you down like they do with pirate radio stations and charge you. Only use AirChat over unlicensed frequencies.
ProtonMail is a Switzerland based privacy email provider, the company stores your data encrypted in their servers and they claim that computer IPs used to connect to the account are not logged. I looked at the email headers sending myself a test message and I could see that ProtonMail does not include sender’s IP inside email metadata.
When you first open up and account (took me a few days to get an invite), you will be asked for two different passwords, one is the email login password and the second one, not known to ProtonMail, is the password used to encrypt email messages in your browser before uploading them to the server. There is no password length check or anything forcing people to use a complicated passphrase to stop new users from being negligent and making up a short guessable pass.
I also noticed that there is no automatic logout, you can easily forget about logging out of your account in a public computer and the person behind you could get access to your account two hours later.
Encrypted Swiss email service ProtonMail
If you correspond with other ProtonMail users, encryption is end to end, messages never leave the ProtonMail server network, they will not travel the Internet where encrypted messages could be intercepted by the NSA international fibre optic cable wire-tapping operation to attempt postliminary cracking with their supercomputers.
To interact with an external email account, like Gmail, you have the option to send the message in clear text, with no protection at all, or send a password protected link where the receiver will have to click on to read the message directly from ProtonMail encrypted servers. The link can be set to expire after just a few hours or two weeks, the message will no longer exist once the expiration date is reached.
There are a few weaknesses to sending emails in this fashion, one is that you will need to transmit the password to the other part, this will slow you down and is open to interception. Another security weakness is that there isn’t any kind of brute force protection, after somebody has read the message it will not be automatically self-destroyed as it should be. I could not see any counter on the page letting you know if the message has been previously displayed before you read it.
The good part of sending email messages with password protected links is that the receiver only needs javascript enabled in their browser to be able to read them and that the messages can’t be scanned en route.
ProtonMail settings and compose screen are simple but enough to get the job done. I appreciated a button to permanently delete all account and messages, regrettably this did not work for me when I tried it, it would do nothing when I clicked.
ProtonMail security model is based around owning their own hardware, storing it offshore outside USA and European Union laws, and fully encrypting their disks with the decryption keys split in between various individuals, with server integrity checks to detect illicit changes in the software, like somebody installing a key logger, but those checks can not stop a hardware keylogger in the data center, although since data is encrypted by the user browser, the most an unauthorised third party could do is to monitor computer IP connection logs.
This is an easy to use email service, perhaps the only free email service that claims to keep no user logs. The company implements well known open source cryptolibraries and they allege to be audited by computer security staff at CERN (European Center for Nuclear Research). The only problem I have with ProtonMail is that there isn’t a built-in system to send messages with your own PGP keys, this is the main reason why I can’t use them as my primary email provider.
PGP is the default standard for email encryption and I can’t ask anybody to stop using PGP encryption keys and switch to a ProtonMail account for javascript OpenPGP encryption, ideally, my perfect encrypted email provider must be able to import a PGP key from one of my friends and use it to secure data.
