We have pointed out the great work of Tactical Technology Collective and Frontline Defenders (NGO-in-a-box) in the past, either way this article is a great reminder and provides some good linkage to the excellent work being done by these guys.
A post which could just as easily be titled “how to try and keep the Sudanese Government (or insert other oppressive regime) from reading everything on your computer.” As they are sometimes wont to do, especially when expelling large numbers of NGOs.
An anonymous aid worker who was recently expelled from Sudan described the following:
“Government officials quickly arrived at the office, confiscating all our assets – our phones and computers to start with…At the airport, National Security were waiting for us. They searched through all of our bags. They took – stole – all kinds of personal items: cameras, iPods, our own computers with hundreds of photos of our lives and friends in Darfur.”
http://security.ngoinabox.org/
Securing Sensitive Information and Communications in the Field
The SSD project is an excellent resource when it comes to protecting your computer and communications from unauthorized access and surveillance. While focused on providing information to US citizens, and the rights and laws within the USA, there is much information regarding the general well being of your computer and its communications. There is a good section on technical measures as well as introductory information to the various aspects of Information Protection.
The Electronic Frontier Foundation (EFF) has created this Surveillance Self-Defense site to educate the American public about the law and technology of government surveillance in the United States, providing the information and tools necessary to evaluate the threat of surveillance and take appropriate steps to defend against it.
Surveillance Self-Defense
It is not always possible or practical to immediately move to Ubuntu Linux or other alternative when you have work to do and deadlines to meet. So you are stuck with Windows for now? Read on for the basics of securing your Windows Desktop using Freely available Tools.
Windows Update
Windows Update your one stop shop for patching Windows Operating systems. If you are running Windows you need your operating system to be updated on a regular basis – as Microsoft are regularily releasing patches to fix the endless supply of new Security Vulnerabilities. Some of the newer versions of Windows allow patches to be applied automatically when available (beware of required reboots when this occurs).
Anti-Virus
There are many free antivirus programs available. Some are below par when it comes to updates and system resource usage.
A good choice would be Antivir Personal Edition, Avast Antivirus or AVG Free Edition. Another option is Clamwin based on Clamav is a promising Open Source project. Clamav was originally developed to be used in a Mail Server environment, now other projects such as Clamwin have brought it to the desktop.
Anti-Spyware
Ad-Aware SE Personal, is a good choice and doesnt have some of the bad press associated with Microsofts own Anti-Spyware Tool.
Firefox
The Firefox Web Browser will keep you secured from much of the spyware and other threats that are present when using Internet Explorer. Having said that vulnerabilities are present in Firefox and you need to check for updates on a regular basis. The latest version (Firefox 1.5) has an auto update feature.
Personal Firewall
A local firewall is a good choice, as this can provide another layer of security (Security Indepth). A firewall can protect your system from vulnerabilities for which there is not yet a patch available or patches that have not been applied. Rogue services and backdoors are also thwarted by a personal firewall. It is a good idea to understand what you are allowing in and out of your firewall before clicking on the “allow” option. Following the initial install you need will to go through a “tuning” process that configures your firewall policy.
A free and popular choice is Zone Alarm, other choices include Sygate Personal Firewall and Kerio Personal Firewall.
Conclusion
Using freely available tools and performing regular maintenance it is possible to have a secure and productive Windows Desktop. The main thing to remember is once you have the above tools installed and working, you need to be aware of what is happening and ensure all updates are being applied.
Since wireless continues to be a popular alternative to wiring your office, i thought a quick round up of current technologies would be appropriate.
In Summary:
Open Access – bad, anyone can watch your traffic or access your network as if they were plugged directly into your hub.
WEP – bad, can be cracked in minutes with the latest tools. Once the key is cracked intruder has access as if the AP was Open. Read your network traffic and access your network.
WPA – good, if configured properly with a strong key this will stand up to all but the most skilled attackers.
Now if the only equipment you have is WEP – then the risk can be mitigated. Change keys on a regular basis and encrypt all communication via ssl. Keep in mind though that you are running a very open system – so be aware of the information you are sending through the air.
A detailed and thorough summary of the options available
A guide to encrypting filesystems or file containers using a loopback. Well written and specific to the Ubuntu Distribution of linux this is an excellent easy to follow guide to a topic that can be quite technical.
Encrypted Filesystem Howto – Ubuntu Linux
Using Thunderbird, GnuPG and a plugin makes encrypting your email easy. Linux Journal have a guide to securing your email from unwanted eyes.
See parts One and Two for more info and some background on GnuPG.
A Lesson in Encryption, Part 3 | Linux Journal
Do you know what happened to your data when you disposed of your last PC? Make sure you securely wipe the drive before getting rid of old laptops, desktops or servers.
This article highlights an important and easy to use tool that will do the job. Open Source of course.
NewsForge | Darik’s Boot and Nuke: A great tool for obliterating your data
This guide to Open Source Software use in government is thorough and readable. Much of the content equally applies to using Open Software within Non-Government Organisations.
Source IT | Guide to Open Source Software
A very interesting little handbook. Blogging has been knocked as a fad and pointless by some – while the growth and popularity continues. Major news sites, large organisations and individuals are all now getting into the blogosphere. Blogging takes the possibilities of the internet (allowing anyone, anywhere to publish to a global audience) and makes it easy. I have read some very interesting stuff about Hurricane Katrina and the governments response on a number of high profile blogs – eg. Boingboing.net.
It is a fascinating concept and a powerful tool for dissidents and those whose words are censored or monitored. This guide will help to protect some of those people.
Reporters sans frontières – Handbook for bloggers and cyber-dissidents
A Small Security FAQ – focused on encryption and its use by human rights workers.
Everyone should use encryption because digital communications are inherently unsafe. However, human rights workers are at a far greater risk than most individuals and their files and communications are more sensitive. It is imperative for human rights workers to use encryption in their digital communications to protect themselves and the people they are trying to help.
Privaterra – Security FAQ (in Information Security)
