Whiteout: end to end encrypted mails

Encrypted email services are on the rise as more and more users look for privacy to save their personal information from prying eyes. We explored services like Tutanota and ProtonMail earlier, both based out of the US. Today we came across one more non-US fully encrypted email service – Whiteout, based in Munich, Germany.

Whiteout is being developed by 3 devs at the time of writing and has found investors in two German organizations – HTGF and Bayern Kapital. The service is in a Beta state right now.

Features

  • As clarified by the devs, the goal of Whiteout is privacy and not anonymity.
  • The mails are encrypted on the client and are never transferred decrypted.
  • The service uses OpenPGP protocol for encryption. The source code is free for auditing on GitHub.
  • As a big bonus, you can use your existing email address with Whiteout service. Any email provider supporting IMAP should work. Whiteout also hosts its own encrypted mailbox.
  • Supports web interface, Android, iOS, Chrome. Windwos and Firefox OS will be supported soon.
  • Non-bloated email interface.
  • Open source.

Registration

You can add your current email address to the service here. To sign up for a fully encrypted Whiteout Mailbox you need an access code at the moment. We have some Beta access codes. Please contact us if you are interested in having a Whiteout mailbox of your own.

Whiteout has plans to become a paid service in future. However, it’s unclear at this moment whether Beta sign-ups would need to pay to upgrade when that happens. We’ll update if we receive any communication from the devs.

Good news for devs! Whiteout has openings for master programmers at the time of writing.

Webpage: Whiteout

Surfraw: web search from terminal

           ______  _     _  ______   _______  ______   _______  _  _  _
          / _____)(_)   (_)(_____ \ (_______)(_____ \ (_______)(_)(_)(_)
         ( (____   _     _  _____) ) _____    _____) ) _______  _  _  _
          \____ \ | |   | ||  __  / |  ___)  |  __  / |  ___  || || || |
          _____) )| |___| || |  \ \ | |      | |  \ \ | |   | || || || |
         (______/  \_____/ |_|   |_||_|      |_|   |_||_|   |_| \_____/

You might have heard the allegations about search giants recording your data or tracking it. And you might have heard about Julian Assange. Would it be surprising to know that Assange wrote a cmdline perl based tool to search Google (and many other web services) at lightning speed… a tool sans the tracking? I guess not.

Such a tool exists, written in 2000. It’s Surfraw.

Each supported search engine or database (like Google, Wikipedia, Slashdot etc.) is called an elvi in Surflaw, apparently as a tribute to Elvis (Ref: Wikipedia).

Features

  • Search tons of websites in addition to Google. To get the full list
    $ surfraw -elvi
  • Supports bookmarks
  • Supports bash completion (elvi names, options, arguments) using <Tab>
  • Use Google Translate, images, news, mps, video etc.
  • Supports safe search filter
  • Works best with text-based browsers like links, lynx, w3m

Installation

To install Surfraw on Ubuntu, run:

$ sudo apt-get install surfraw surfraw-extra

Configuration

The user-specific configuration file is ~/.surfraw.conf. The syntax is simple – defyn is used for boolean configuration variables, def for all others. Example configuration:

def SURFRAW_text_browser      /usr/bin/lynx
defyn SURFRAW_graphical       yes
def SURFRAW_graphical_browser firefox
def SURFRAW_results           10
def SURFRAW_lang              uk

Usage

Surfraw has many options, many of them specific to the elvi (search service). If you do not want to type surfraw all the time, sue the alias sr.

  • The general syntax
    sr elviname [options] search terms..
  • Search Google with multiple terms and limit results to 100
    $ sr google -results=100 foo "bar baz" bam
  • Search Wikipedia
    $ sr wikipedia surfraw
  • Search a phrase
    $ sr austlii -method=phrase dog like
  • Get a rhyming word
    $ surfraw rhyme Julian
  • Search a RFC about mime
    $ sr rfc s/mime
  • Translate a word
    $ sr translate logiciel

Webpage: Surfraw (with love, from Julian Assange)

Qubes OS: designed to be secure

Qubes OS adds to the list of Linux based security oriented desktop computing distros like Whonix and Tails. While most of the other distros concentrate on hardening the system, Qubes OS is designed to provide strong security using security by isolation approach.

Qubes is based on Xen, the X Window System and Linux. The desktop environment is KDE. It can run many Linux applications as well as use Linux drivers. The second release (in Sep 2014) of the distro surfaced 2 years after the first one. The upcoming release 3 will introduce Hypervisor Abstraction Layer (HAL), allowing easy porting to alternative virtualization systems.

Qubes OS architecture

As you might have guessed from the mention of Xen, Qubes uses virtualization technology to separate applications running in the userspace from each other. It can also sandbox many system level components like the storage and networking subsystems. Qubes users can define security domains, which in Qubes terminology are called AppVMs. These are very lightweight compartments and can be based on use cases like APPVMs for personal stuff, work, banking shopping etc. The applications in the AppVMs run isolated and copy-pasting is supported between AppVMs. The same applicaiton can run simultaneously under different AppVMs as well. In release 2, Qubes users can use Windows based AppVMs, which is a beta feature.

A quick peek into the key architectural features in Qubes OS:

  • Based on a secure bare-metal hypervisor (Xen)
  • Networking code sand-boxed in an unprivileged VM (using IOMMU/VT-d)
  • USB stacks and drivers sand-boxed in an unprivileged VM (experimental at the time of writing)
  • No networking code in the privileged domain (dom0)
  • All user applications run in “AppVMs,” lightweight VMs based on Linux
  • Centralized updates of all AppVMs based on the same template
  • Qubes GUI virtualization presents applications as if they were running locally
  • Qubes GUI provides isolation between apps sharing the same desktop
  • Secure system boot based (optional)

Qubes OS is distributed as a 64-bit DVD-sized ISO.

Webpage: Qubes OS

freenote: video chat over Tor network

tor_compJacob Applebaum is a well-known name among internet privacy advocates. It’s no surprise to see a Tor network based audio/video streaming application from him. The tool, named freenote, uses gstreamer as the multimedia framework. It respects your privacy, security, anonymity and liberty. Continue reading freenote: video chat over Tor network

uBlock: lean efficient ad-block plugin

ublock_compIf you are not aware of it already, Adblock Plus is one of the most resource intensive browser add-ons out there. Yet many of use it to stop annoying ads, flash etc. uBlock is a new bowser add-on that brings to you the functionality of Adblock Plus, only at the cost of lesser resources. There are other alternatives like Disconnect and Privacy Badger but none of them are as light as uBlock.

uBlock is not just an ad blocker, it is a generl purpose blocker which uses lists like EasyList to block websites. EasyList, Peter Lowe’s Adservers, EasyPrivacy are enabled in uBlock by default. It also supports hosts files. There is an advanced user mode which allows more fine-grained control on the extension like dynamic filtering, which works like a firewall with custom rules.

From the authors performance analysis results, uBlock uses lesser RAM than Adguard, AdBlock and Adblock Plus, much lesser processing and blocking count better than all (second only to Ghostery) these three.

The author advices not too use any other blocker along with uBlock as uBlock can handle things better than all of them.

uBlock is available for Google Chrome, Firefox and Safari. It also works great on Yandex Browser which I am using.

Webpage: uBlock

Cutegram: Qt based Telegram client

In addition to its third-party clients, secure and privacy-respecting messaging client Telegram officially released a desktop client last month. However, it seems that developers are obsessed with the messaging service. There is a new Qt based client ready for download.

The name Cutegram seems to be quite justified for the app. It uses the latest Qt libraries (version 5) and the most popular iconset (Faenza) available for Linux.

Features

  • File sending and receiving
  • Secret chat (Experimental)
  • Native desktop notification
  • Customizable fonts
  • System tray icon
  • Modern GUI. Integrates with Unity. Gnome, KDE and other desktops.
  • Drag and drop support to forward, delete messages and send files
  • Twitter emojies
  • Beautiful and smooth user interface using QML technology
  • Packages for generic Linux and Ubuntu available
  • Open Source and free

Packages are available for download on the Cutegram website.

Webpage: Cutegram

Searx: self-hosted web metasearch engine

search_compGoogle search doesn’t respect your privacy. Many people prefer DuckDuckGo or Startpage as alternatives. But the source code of these engines are not open. How about a web search engine that you can audit and host yourself? We are talking of Searx, a open source, hackable metasearch engine.

Features

  • Tracking free
  • Supports multiple output formats: json, csv, opensearch/rss
  • Opensearch support (you can set as default search engine)
  • Configurable search engines/categories
  • Different search languages
  • Duckduckgo like !bang functionality with engine shortcuts
  • Parallel queries – relatively fast

Installation

  • Install required packages
    $ sudo apt-get install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev
  • Install Searx
    $ cd /usr/local
    $ sudo git clone https://github.com/asciimoo/searx.git
    $ sudo useradd searx -d /usr/local/searx
    $ sudo chown searx:searx -R /usr/local/searx
  • Install dependencies in a virtualenv
    $ sudo -u searx -i
    $ cd /usr/local/searx
    $ virtualenv searx-ve
    $ . ./searx-ve/bin/activate
    $ sudo pip install -r requirements.txt
    $ sudo python setup.py install
  • Configure
    $ sed -i -e "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml
  • Edit searx/settings.yml if necessary
  • Start Searx and visit http://localhost:8888
    $ python searx/webapp.py
  • If Searx works fine, disable debug
    $ sed -i -e "s/debug : True/debug : False/g" searx/settings.yml

Note that you need uwsgi to run Searx as a daemon. For installation instructions, as well as to configure a web-server, visit Searx wiki.

To try out Sear on a publicly hosted site, visit https://searx.me/.

On GitHub: Searx

Telegram Desktop: native Linux client

telegram_compIf you haven’t heard about it, Telegram is a secure WhatsApp alternative. You can read more about Telegram from an earlier article here. Telegram exposes APIs for clients and a Pidgin plugin is available to use Telegram from the Linux desktop. However, the service was lacking a native client on Linux.

Telegram has now released its own Qt based native client on Linux, named Telegram Desktop. The look and feel closely follows that of the web client.

The package can be downloaded directly from the website (linked below).

Webpage: Telegram Desktop

Cyph: anonymous encrypted chat

chat_compWe explored some anonymous chat solutions earlier. Cyph is a chat service that generates a random chat room for you and allows you to communicate with your friends over an anonymous and encrypted connection. That’s about it! No sign-ups, installations, configuration or logging. Your chat link and log expires shortly after the chat session is over. Invite your friends with the randomly generated URL link and you are good to go once they join.

A new version of Cyph is under development.

Webpage: Cyph

Telegram-Purple: Telegram plugin for Pidgin

telegram_compWe visited Telegram in one of our earlier articles. It is a secured WhatsApp alternative with APIs available for implementing clients on various platforms. Telegram already has multiple unofficial clients (like Sigram). But many Linux users would love the capability to communicate with Telegram contacts right from Pidgin, a popular multi-protocol chat client. Telegram-Purple is a fresh Pidgin plugin that adds Telegram support to Pidgin using libpurple.

The development is still in the early stages and basic functionality is ready. Current functional features include:

  • Chats/Group-Chats
    > Send/receive messages
    > Discover buddies/chats
    > Discover buddy state and info
  • Profile Pictures
    > Download and use profile pictures
  • Adium Plugin

Features planned:

  • Encrypted chats
  • Picture, audio and video messages
  • File transfers
  • Geo-locations
  • Multiple accounts on one client
  • Respect libpurple proxy settings (implemented but untested)

To install the plugin on Ubuntu:

$ sudo add-apt-repository ppa:nilarimogard/webupd8
$ sudo apt-get update
$ sudo apt-get install telegram-purple

When you open Pidgin the next time, Telegram plugin will show up in the list of supported protocols. Use your phone number as the username. A verification SMS will be sent to the number. You’ll see a prompt asking for the code. Enter it and you are done.

Webpage: Telegram-Purple