What it’s all about
Introduction to Encryption
How it works
Digital Communication
Digital communications (e.g. e-mail, text messaging) are sent through a computer network, usually the internet, and can be intercepted in two locations: first, during transmission, and second, while being stored on the company servers. At MOA Project, we believe privacy and the ability to communicate without government or corporate eavesdropping is a basic right of all people.
Some groups, like activists, are active targets of surveillance and government spying in New Zealand and around the world. This is an unjust abuse of power and we encourage all people to protect themselves from it. This is a basic guide to teach activists how to protect themselves and their communities.
We hope you find it helpful.
- The MOA Project
Encryption - Allows a message to be sent through a digital network in a way that its content cannot be read or understood by third parties or unauthorized people. To achieve this, a message must be encrypted by your computer, then travel through the internet encrypted until it is received by your friend. Only then should it be decrypted.
[Diagram labels: The Internet; E-mail Provider’s Server (Unsecure on Server)]
Encryption by Device
A Secure Laptop
Storage : Encrypted with Truecrypt
Communication : Encrypted Email and Trusted Networks
Anonymous Internet Use : On TOR Browser
Smart Phone
SMS (text message) : Not Secure, Stored on Unencrypted Server
Voice Call : Not Secure, phones can be tapped
Telegram Messenger (Secret Chat Only) : End-to-End Encryption + Auto Delete
USB/Hard Drive
Encrypted Drive with Truecrypt : Secure Storage of File or Entire Disk
How Security Breaches Happen
1) When stored on servers : Unencrypted data can be viewed/shared by the company under court order & accessed by the government. In some cases data can be stolen by hackers.
2) Weak passwords : Can be easily broken with a “Brute Force Attack”, bypassing the encryption.
3) Device if not protected : Someone gains physical access to your computer, e.g. through theft, a lost device, or seizure by police during arrest, search or border crossing.
4) Hackers access computer : Through software with known vulnerabilities. Keep software up to date.
5) Intercepted on Wi-Fi : Unencrypted data sent on public Wi-Fi, or data sent over non-password-protected Wi-Fi, can be taken.
What it’s all about
Secure Communication
Secure communication - occurs when a message is sent through a digital network in a way that its content cannot be read or understood. To achieve this, a message must be encrypted by your computer, then travel through the internet encrypted until it is received by your friend. Only then should it be decrypted.
Any information that travels through the internet can be intercepted during transmission. Since all digital communication also passes through and is stored on a server, anyone who can gain access to this server can get your information.
Telegram is a free and open source messenger app that allows you to communicate securely using its “Secret Chat”. Users can send/receive encrypted and self-destructing messages, photos, videos, documents and voice messages.
This means your telephone company cannot read your messages, and governments will have difficulty accessing them because Telegram servers are located internationally. Check out : https://telegram.org
[Diagram: Telegram Messenger, Secure on your smart phone. Labels: A. Message is Encrypted; The Internet; Encrypted on Server; The Internet; B. Message is Decrypted]
Truecrypt
Protecting Data Storage
What are the primary uses of TrueCrypt?
TrueCrypt is free software used to encrypt data storage devices (hard drives/USB sticks) to protect your data. Encryption works by automatically mixing up the data into a form that cannot be understood by anyone who doesn’t have the key to “undo” the mix up. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data remains inaccessible. TrueCrypt can encrypt the entire hard drive, or it can be used to create an encrypted folder on your computer.
How can you encrypt your storage using TrueCrypt:
1) Create an encrypted file container (Basic) : Creates an encrypted folder on your computer. After it is created, you can drag and drop files into this folder. When the folder is closed they will be encrypted. You will need the encryption password to open the folder.
2) Encrypt a non-system drive or partition (Advanced) : Your non-system drive does not contain your computer’s operating system, e.g. an external hard drive, a USB stick, a computer with multiple hard drives or a system with a partitioned hard drive.
3) Encrypt the system hard drive, or entire system partition (Advanced) : System means this is the primary drive for your computer. Most computers only have one drive, the system drive. Using this option, you will need to enter the encryption password when you first start the computer up. Without the password the computer will not function at all. If removed, the hard drive will remain completely encrypted.
TrueCrypt has recently stopped being supported. Although TrueCrypt is secure now, as new versions of computer software are released it will become compromised.
We are currently researching a replacement for TrueCrypt.
Anonymity on the network
Secure Research
TOR (The Onion Router) provides anonymous and untraceable communication between you and the websites you visit. Websites cannot tell who you are or where you are, and your internet provider cannot see what you are viewing.
You can anonymously research and view the internet, so this software will protect your privacy and defend you against network surveillance and website tracking.
Download TOR here : www.torproject.org
[Diagram labels: This part is encrypted; This part is NOT encrypted; Website’s Server]
How TOR works:
TOR directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays and encrypts the connection between each computer, making it more difficult to trace Internet activity back to you, including "visits to websites, online posts, instant messages, and other communication forms".
TIP : Websites cannot see who you are or where you are, but they can see what you send. If you send personal information over TOR you can be identified.
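The layering described above and the point of the TIP, as an added example that is not part of the original guide: each relay removes one layer of encryption, and what leaves the last relay is exactly what you typed. The cipher is a toy built from SHA-256 and is not TOR's real protocol; the relay keys and the message are constructed sample values.

```python
import hashlib

def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode). NOT TOR's real cipher."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)

def wrap(message, relay_keys):
    """Sender adds one layer per relay; the first relay's layer goes on last."""
    for key in reversed(relay_keys):
        message = keystream_xor(key, message)
    return message

def route(onion, relay_keys):
    """Return what is on the wire after each relay removes its own layer."""
    hops = []
    for key in relay_keys:
        onion = keystream_xor(key, onion)
        hops.append(onion)
    return hops

# Constructed sample: three relay keys and a form post carrying personal details.
RELAY_KEYS = [b"entry-relay-key", b"middle-relay-key", b"exit-relay-key"]
MESSAGE = b"POST /comment name=Jane+Doe&city=Wellington"

def demo():
    """Wrap the sample message and pass it through all three relays."""
    onion = wrap(MESSAGE, RELAY_KEYS)
    return onion, route(onion, RELAY_KEYS)

if __name__ == "__main__":
    onion, hops = demo()
    print("sent by you       :", onion.hex()[:32], "...")
    for name, seen in zip(("entry", "middle", "exit"), hops):
        # Only the data leaving the exit relay is readable again.
        shown = seen if seen == MESSAGE else seen.hex()[:32] + " ..."
        print(f"after {name:<6} relay:", shown)
```

The last line printed is the readable form post, name and city included: that is what the website's server receives.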
Best Practices for Encryption
Passwords
Passwords are used to protect most types of encryption. Weak passwords can be broken and are often the weakest link in an encrypted system.
Advanced computers can conduct “Brute Force Attacks” on passwords and bypass encryption by cracking the password.
Messaging using e-mail providers is not secure as the data could be accessed on the server of the company that you use. The company can view or share your information, be forced to supply it to a government under court order or it can be stolen by hackers.
By encrypting your emails before they are sent, you add an extra layer of security to protect your conversation.
This means that your emails will be encrypted when stored on company servers, using a secure password the company does not have.
Please see “Advanced Encryption” on page 7 for more info.
Tips for Passwords :
Do not share or reveal passwords
Password length is more important than complexity
Ideally, passwords should be 20+ characters long. Try using a sentence, e.g. “thisisaVerySecurePassword4589”
Use different passwords for accounts that access restricted data than for your less-sensitive accounts
Change initial and temporary passwords as soon as possible. These tend to be less secure
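Why length matters more than complexity, as an added example that is not part of the original guide: it compares how many guesses an exhaustive brute-force search needs for a short complex password and for longer, simpler ones. The guess rate of 10 billion per second and the two sample passwords other than the guide's own are assumptions.

```python
import math
import string

# Character classes an exhaustive search has to cover (space counted as a symbol).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")
ASSUMED_GUESSES_PER_SECOND = 1e10   # assumption: a well-resourced offline attack
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def alphabet_size(password):
    """Total size of the character classes the password draws from."""
    known = "".join(CLASSES)
    if any(ch not in known for ch in password):
        raise ValueError("only printable ASCII is modelled here")
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def search_space_bits(password):
    """log2 of the number of candidates a full brute-force search must try."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))

def years_to_exhaust(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at the assumed guess rate."""
    return 2 ** search_space_bits(password) / rate / SECONDS_PER_YEAR

def rank(passwords):
    """Weakest first, as (password, bits, years) tuples."""
    rows = [(p, search_space_bits(p), years_to_exhaust(p)) for p in passwords]
    return sorted(rows, key=lambda row: row[1])

# Constructed samples, plus the sentence-style example from the guide.
SAMPLES = ["Tr0ub&3!", "quietriverunderstars", "thisisaVerySecurePassword4589"]

if __name__ == "__main__":
    for pw, bits, years in rank(SAMPLES):
        print(f"{len(pw):>2} chars  {bits:6.1f} bits  {years:10.3g} years  {pw}")
```

These figures are upper bounds for a search that tries every possible string; a password built from common words, or one that has been published like the sample in the guide, falls to word-list guessing far sooner.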
We are a group of activists from a variety of backgrounds who are working to build an organized and skilled activist network across Aotearoa/New Zealand. We believe activism and protest are an integral part of any functioning democracy.
The MOA Project works to assist activists and grassroots groups to become more effective and create real change. We support grassroots activists and groups through resource sharing, skill sharing and upskilling.
More information available on www.MOAproject.org
Fancy options
Advanced Options
Encrypted E-Mail : Email encryption is based on a Public-Private keypair. You send your “Public Key” to your friends, and they use this Public Key to encrypt email sent to you. You must have their Public Key to send encrypted email to them.
What you need to encrypt your e-mail conversations
ThunderBird : E-mail application that supports Public-Private key encryption
GnuPG : Application to generate your public and private keypair
Enigmail : Extension for Thunderbird used to encrypt your email
More information on advanced encryption here: www.moaproject.org/resources/moa-project-guides/email-encryption/
We will endeavor to make information on more advanced encryption available on our website. Unfortunately it is outside the scope of this short guide.