FrootVPN: encrypted anonymous VPN

anonymousUpdate: FrootVPN is no longer free.

FrootVPN is a (The Pirate Bay endorsed) free VPN service that routes all your network traffic anonymously through servers in Stockholm. The mechanism is different from Tor, where network bandwidth is randomly shared among the users. As per the claims on the FrootVPN website, the traffic is fully anonymous, censor free and no user information is saved in the servers. Continue reading FrootVPN: encrypted anonymous VPN

Tutanota: encrypted DANE based mails

emailWe explored ProtonMail and Mailpile in our earlier articles. Tutanota is a new free mailing service that takes security to a new level by using DANE (DNS-based Authentication of Named Entities). While HTTPS just relies on the authenticity of the Certificate Authorities (CAs) issuing the SSL certificates, DANE forces the certificates to be bound to DNS names using Domain Name System Security Extensions, making authentication independent from Certificate Authorities. DANE stores the digital fingerprints of an SSL certificate in DNS, the phone book of the Internet. Mail servers and browsers can automatically verify the authenticity of the certificate before establishing a trusted SSL connection or sending an email via SSL transport encryption. This adds an additional layer of security over HTTPS. Relying only on SSL certificates makes man-in-the-middle attacks all too easy. These attacks are done more often than we think because most users do not notice it. However, DANE needs both the sender and receiver email services to support DANE.

Your mails never leave the server with Tutanota.

Tutanota provides browser plugins to connected securely to their servers. This ensures that a third-party can’t snoop on your data. It supports encrypted emails – the receiver can only view the email by using an agreed upon key. The content of the mail never leaves the Tutanota server, only a notification mail is sent to the recipient to view the email on Tutanota’s server.

Tutanota features at a glance:

  • Uses DANE on top of HTTPS
  • Fully encrypted mails
  • Encrypted email content does not leave Tutanota server
  • Provides DNSSEC/DANE/TLSA browser plugins to connect securely to the servers
  • Doesn’t need personal data to sign up. Just the username and password.
  • Cannot restore password if lost
  • Tutanota can only read sender, recipient and date of email
  • Underwent extensive penetration test by the renowned SySS GmbH and certified
  • Based in Germany
  • Web interface works on all major mobile and desktop browsers
  • Mobile apps coming soon
  • Free email service
  • Open source

The web interface is clean and simple with just the inbox, sent and trash folders. There aren’t too many settings to complicate things and it allows invitations.

If interested, register your Tutanota email ID. It is currently in Beta.

Similar

Ethersheet: private spreadsheet

ethersheet_compCollaborative spreadsheets can be created and shared in Google Drive. Collaborative rich text editors like Framapad are also available. When I saw the Ethersheet project, I was wondering why someone would spend time on a similar service. However, soon I found out that Ethersheet respects privacy. It doesn’t track you by your IP address and encourages Tor usage for complete anonymity.

Ethersheet is a project under development and written using node.js. It is fast and easy to use.

Webpage: Ethersheet

Mailpile: your emails on your devices

In one of our earlier articles we wrote about ProtonMail, which is a Swiss-hosted email service that vouches by 0-snooping. Mailpile is a fresh initiative to take back email privacy by making the mailserver private. The idea is to avoid saving email data on any third-party hosted server. To do that, Mailpile offers self-hosted mailbox support. At the time of writing Mailpile is in Alpha 2 stage. Bjarni Einarsson is the leader of the project. Currently projected features are:

  • Efficient search and tagging to handle millions of mails
  • Fast and responsive design
  • Store mails on your devices
  • OpenPGP signatures and encryption are built into Mailpile, even search index is encrypted
  • No ads
  • You can even store your mail on a USB stick
  • Free and open source

Update (13 Sep 2014): Mailpile beta is released but without a native package for Linux (what a shame!). For instructions to compile Mailpile from source and install it on Debian or Ubuntu based distros head here.

Webpage: Mailpile

ProtonMail: ensure your email privacy

There is no guarantee of email privacy from big names like, Google, Yahoo or Microsoft. All of them snoop your data and there are chances that they let others peek into your emails too. Google goes to the extent of data mining on your mailbox to show you ads. How do you keep your private emails private?

ProtonMail is a proposed encrypted email service that promises zero-knowledge encryption. The service will only have the authentication information and data will be encrypted at the client side. Its Indiegogo fundraising campaign ended last month. While the target was $1K it has raised more than 550% of the amount! No wonder people are concerned about their privacy!

ProtonMail was founded in summer 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Early ProtonMail hackathons were held at the famous CERN Restaurant One and at MIT. ProtonMail is headquartered in Geneva, Switzerland with a satellite office by the MIT campus.

Important features of ProtonMail:

  • Hosted in Switzerland and protected by the Swiss data protection laws.
  • Uses breakthrough web technologies and proven cryptographic algorithms to protect your privacy. Because of end-to-end encryption, your data is already encrypted by the time it reaches ProtonMail servers. ProtonMail has no access to your messages and cannot decrypt the mails.
  • Open source cryptography.
  • Hardware level security via full disk encryption.
  • HTTPS secured connections.
  • Self destructing messages through mail expiry. Unsend options.
  • Works out of any modern web browser, there is nothing to install. Works on all devices, including desktops, laptops, tablets, and smartphones. Compatible with other email services.
  • Offers a forever free version.
  • No permanent logs or any personal information needed to sign up. Accepts anonymous payment methods (such as Bitcoin) so even paid users have their privacy rights protected.

ProtonMail has just rolled a Beta version and is accepting sign-ups for invites now.

Webpage: ProtonMail

Similar venture: Dark Mail

How to remove file metadata

scissors_compMetadata is data about data. There are several reasons you may want to remove metadata from files, e.g., to protect your location or even identity. Almost all modern cameras or mobile cameras store (exif) metadata embedded in the image which is unknowingly shared with others when you share images with them. The way to prevent it is to remove the metadata. We will explore some ways to remove the metadata on Linux. Each of the the solutions support many filetypes.

  • exiftool
    Present in major distros by default. Runs from the cmdline and lightweight. Supports various file formats.
    Run the following to install on Ubuntu:

    $ sudo apt-get-install libimage-exiftool-perl
  • Metadata Anonymisation Toolkit
    Supports various file types such as images, open doc formats, pdf, archive, audio and torrents. It comes with a GUI as well.
    Run the following to install on Ubuntu:

    $ sudo apt-get install mat
  • Metadata Extraction Tool
    Supports images, document formats, audio-video, markup languages and Internet files. Download the latest binary, make it executable and run.

uTox and other Tox clients

We wrote about Tox, a privacy focused messaging app in a previous article. Tox nightlies are available for testing now. And we also have a thin Tox client – uTox. Definitely a welcome news for privacy-aware users. Features:

  • Text chats.
  • File transfers.
  • Audio and video calls.
  • Desktop sharing (video stream or screenshot).
  • Text-only group chats. Work in progress on audio video group chats at the time of writing.
  • Add friends using Tox ID.
  • Use as a web service using Name and Tox ID or download the client for Linux, Windows and Android.

Alternative Tox clients: Toxic, qTox, Ratox

Installation

Run the following commands to set up the repositories and update package information:

$ sudo apt-key del 0C2E03A0
$ sudo sh -c 'echo "deb https://repo.tox.im/ nightly main" > /etc/apt/sources.list.d/tox.list'
$ wget -qO - https://repo.tox.im/pubkey.gpg | sudo apt-key add -
$ sudo apt-get install apt-transport-https
$ sudo apt-get update -qq

You can install any of the following Tox clients now:

$ sudo apt-get install utox
$ sudo apt-get install toxic
$ sudo apt-get install qtox
$ sudo apt-get install ratox

Webpage: uTox

Sigram: native Telegram client for Linux

telegram_compIn one of our past articles we wrote about Telegram, a secure alternative to WhatsApp. While Telegram has many clients it was lacking a native Linux client till now. Sigram fills in the gap. Let’s look at the features other than basic ones expected in any chat client:

  • Awesome look and feel with a different interface and smooth animations.
  • Very easy to use.
  • Full media transfer support between Sigram and any other Telegram client.
  • Integrated with Limoo to preview pictures.
  • Open source.

Homepage: Sigram

DuckDuckGo adds cool features

DuckDuckGo is already quite popular but if you haven’t heard about it, it is an anonymous web search engine. Unlike Google, it doesn’t track you and the interface is clutter-free. Recently DuckDuckGo has added some interesting features to cater to specific types of searches:

  • Auto-suggest – See suggested search results as you type your search term.
  • Redesign – Less clutter and default, classic or dark theme options.
  • Images and videos – Always available on search results page via a carousel.
  • Places – Find local places of interest.
  • Meanings – Better search for ambiguous words.
  • Recipes – Search for cooking recipes.
  • Weather – Get instant weather forecasts.
  • Answers – Answers to your questions.

Here’s the procedure to add it to the Firefox search bar.

Webpage: DuckDuckGo

tlk.io: quick chat with anyone

tlk_io_comptlk.io provides a hassle-free way to quickly communicate with just anyone over a browser. None of the users need to authenticate anywhere or have any service specific account already. Features:

  • Web chat on the fly
  • Open to anyone
  • Channels are owner-free, so anyone can join any channel
  • Once you create a chat channel, send the link to anyone to join
  • You can also generate a harder to guess random channel

Webpage: tlk.io