Perhaps the dumbest web service I’ve seen in a while, youvebeenleftbehind.com, will send emails to the friends and relatives (up to 62 addresses) of devout Christians, after the Jesus-Freak has been whisked to heaven via the Rapture—all for just $40 bucks a year. I mean, what price is worth the ability to thumb your nose and gloat at all those damned heathens, right?

That’s not all! The site also provides 250 MB of storage, 150 of which can be “encrypted” (there’s zero information on what exactly they mean by this or what method is used), so you can upload those important documents that you want to pass on to your loved ones.

The site suggests storing sensitive passwords, banking, brokerage information, locations of hidden valuables, and power of attorney documents. Their reasoning? You won’t need it, you’re in heaven! You can either give them your entire financial life to “hold” and keep “safe” for your loved ones, or risk the Antichrist getting it all. (I’m feeling like an opposing site, for donations to the Antichrist needs to be built, right now.)

Why entrust them all your information, you may ask? Simple, they say. Because they’re Christians. That should be all the credentials you’re average God-fearing, bible-humping idiot should ever need. Never mind that their contact info consists solely of a PO Box and a Gmail address. The domain registrar is a proxy, giving jack-shit for info as to who your money or your private financial information is going to. But hey, they’re Christians, it’s all good!

<sarcasm>This seems too good to be true! How do I know my information and messages will be delivered once I’m strumming a harp in heaven? Didn’t they say they were all Christian too? That means they’ll be in heaven with me! It’s so confusing, my head hurts! I better have an exorcism!</sarcasm>

Actually, according to these true believing heroes, there are five Christian people, scattered around the United States who must check in to the system on a regular basis. Should any three of these God-loving people fail to log-in over a three day period (presumably because they are now in heaven, not jail, mind you), the system will be triggered. An additional three days will be given as a failsafe and then like mana from heaven, all your important stuff will be delivered to the people you care most about on earth.

On one hand, it stinks to high hell of a total sucker scam. People who pay for this service are not only going to be $40 poorer, they’re likely to have their identities stolen and have their money cleaned out, pre-Rapture.

On the other hand, I’m all about abusing Christians.

I am officially the coolest dude in Brooklyn (in my head at least). I have my very own Tor t-shirt! A few weeks ago one of the developers of the software emailed me to let me know that I had been running a fast Tor server for some time now and he asked me if I wanted a free t-shirt. Naturally I said yes. Soon after, I received a package with the shirt. It’s the coolest, ever. Click the thumbnails if you want a better look at the front and back.

Tor is a free program that provides onion routing anonymity for just about any program using the TCP protocol (browsing, blogging, instant messaging, IRC and SSH to name a few of the uses). In this day and age, with privacy rights getting raped, prison-style and draconian governments throwing people in prisons for thought crimes, it’s a good and necessary thing to have and to support. I run Tor on a Linux server (Ubuntu) I rent somewhere in Florida to give back to the network I occasionally use. I don’t really use the server for much, so I don’t limit the bandwidth I give to Tor, allowing it to be one of the faster middlemen in the web of servers that make up the Tor network. I think it’s pretty cool shit.

Tor is available for Linux, Windows and Mac. The project is non-profit and is supported by the Electronic Frontier Foundation and people like you (if you’re cool) and me (I’m so totally neat). You should download Tor, in case you should ever need it. If you have some free bandwidth, consider running a Tor server. You can also help the project by donation. If all of this isn’t your bag of nuts, you might want to think about becoming a member of the EFF and supporting the fight to protect digital rights and privacy. It’s all good shit.

I’ve been waiting for an extension like this for years. FireGPG lets you encrypt, decrypt, sign and verify text using GPG from the context menu. Currently, it only works with Gmail, but that’s fine since that’s what I use for most of my important email.

At some point last year, I switched from Gmail’s browser interface to using it with Thunderbird, so I could make use of the Enigmail extension, as well as pull in all my other email addresses (work, domains, spam-pits) in one place and I think I’ll continue to use it, but the ability to just browse to Gmail and not have to copy, paste, fire up a terminal, copy and paste again is absolutely great.

FireGPG currently works with Windows and Linux. OSX is out of luck, but I see on that on the exension’s page that the developers are actively looking for help in porting it. Awesome.

I’ve got a black feeling this morning after reading that the Supreme Court is requiring all US companies to store employee email and instant messaging. It’s fucking ridiculous, not only in burden of cost for companies to store that data, but in the loss of privacy and reality of it’s usefulness.

Anyway you look at it, it’s a punch in the balls for personal privacy. Slap a jock strap on that shit and be a man. Start using encryption. Check out GPG for encrypting email and personal files. If you use Thunderbird as an email client, there’s a real handy plugin called Enigmail that makes phasing in encryption pretty damn simple. For Instant messaging, switch to GAIM (cross-platform), Adium (OSX) or Kopete (KDE Linux). All three have some form of built-in encryption or plugin available. Adium and GAIM both can run OTR, an encryption and plausible deniability plugin. Kopete uses GPG to encrypt and as far as I know, there’s not another client that does that (there’s a plugin for GAIM, but I hear it doesn’t work well with more recent versions).

All these programs are free and open source. If you’re not using anything, I’d suggest you seriously consider it. For web browsing, think about using a proxy, like Tor or if you have the skills or patience to set it up, SSH tunnel to an outside server running squid (here’s a link to how I do it). If you don’t have access to a server like I’ve got, you can run squid on your home computer and connect to it from work. If you don’t have a static IP at home, you can use a free service like No-IP to get access. ISPs don’t like customers running servers out of their home, but if you SSH tunnel it, your chances of getting noticed are pretty nil. I tunnel squid to a remote server I keep and it works very well. I also have Tor installed on all my machines and run it as a server on my remote machine to give back to the network. It’s doubtful you need a proxy for all the web browsing you do in the course of a day at the office, but the option for security and privacy is good to have (not to mention the ability to get around restrictive firewalls).

If you don’t care about all this, so be it. Maybe that’s fine for you. But, depending on who you are and what you do in your life and for a living, you might want to take heed especially if you give a damn about your personal rights and privacy.

You know someone’s got their head up their ass when they demand you hand over a photo ID to get some pancakes. You’ve got your head shoved even farther up your own ass if you actually hand your driver’s license off just because you need some shitty breakfast.

I’ve never been to an IHOP and never plan on it. I do enjoy the occasional pancake, but asking me to hand over my identification to some minimum wage tool of a security guard will generate a clear directive to go fuck yourself with a rusty, sharp object. I noticed that in the article linked above there’s a quote that the IHOP dude had around forty IDs in his hand, which I find to be completely ridiculous. People in Quincy, Mass. are either really fucking stupid or they really, really love their IHOP.

I’m psyched to see that over the holiday weekend a US branch of the Pirate party was established, or at least got their website up and running.

I first read about the Pirate Party after it was first established in Sweden and made news in conjunction with thepiratebay.org’s trials, travails and public snubbing of US corporate bullying. My first thought was “Hell yes, but this party needs to be in the United States, the source of all unfair media restrictions, ridiculous copyright laws and all evils in between”. Thankfully and with hope, it has now arrived.

There’s not much going on yet and hopefully this won’t be one of those lame-ass, never off the ground, dead in the water, psuedo non-projects started mainly to garner attention. I find that really don’t care for the name, “Pirate Party”. While I understand the use and recent history concerning the term pirate in regards to digital media, it’s use is still to grey to me and given it’s historical connections with murder, theft and a whole mess of negative things, I question whether it’s appropriate for a party mainly concerned with copyright and usage reform. Sure it’s catchy, but in today’s buzzword-dependant media, amongst the non-7337, perhaps older and less media and tech savvy population, it sounds bad. Isn’t the whole purpose about freeing media, liberating ideas and fostering creativity? If so, why chose a word that denotes thievery?

Looking at the site, I was suprised to see that the pirate party also has branches in Belgium, Italy and France as well, which is great. I’d really like to see more countries join as well.

Web filters are retarded. The only times I ever butt against a company’s web filter seem to be when in search of legitimate, non-offensive information. I’m not into breaking the law. I’m not into downloading porn at work. Why penalize me when I try and look up some technical information because an application like SmartFilter or SonicWall considers some geek’s tutorial on getting an Open Source application up and running, “Free Software/Downloads—Forbidden”, even though no actual software or source code is stored on the site? Or blocking a website as pornography because the author of the page has the unfortunate last name of “Dyke”. SmartFilter kind of seems like one big oxymoron. Perhaps StupidFilter is more appropriate. I could give a rat’s ass whether it kept kids away from pornography, all I know is that it often keeps me from accessing harmless, legal and innoffensive information—usually technical in nature. Fuck that.

Sick of being hamstrung by obtuse internet filters I set up a proxy on my server using squid that I tunnel to via SSH. Once connected, I bypass all web filtering wherever I am and as a bonus, all information sent to and from my browser and my server is encrypted and therefore private to anyone snooping on the local network. Here’s how.

(more…)

While I’ve known that Gmail uses SSL to log in, someone recently pointed out to me that while my password is sent to Google fully encrypted, once logged in, all pages that I view are sent via http, meaning that all the emails I read and send can be scooped right out of the ether at any open hotspot.

One remedy I found is to manually change the address from
http://mail.google.com/mail/ to https://mail.google.com/mail/
and for that session, you should be using https and all the pages you view in Gmail will be encrypted. Very cool, but I have to remember to manually check this every time I log in. I smoked way too much weed as a teenager. Half the time I don’t even know what day of the week it is. No lie. How am I supposed to consistently remember this?

Looking further, I found this great extension for Firefox that takes care of the problem for me. CustomizeGoogle lets you set a whole mess of options for a variety of Google services. I won’t get into most of the details since they don’t apply, but check them out because a lot of them are pretty cool. One option that is relevant is that once installed, you can set an option for Gmail to always use https by default. Just check off that one option and from that point on, you have worry-free, encrypted Gmail sessions as a default. Pretty damn useful. CustomizeGoogle also lets you set an https default option for Google Calendar as well. Even sweeter.

Unfortunately, Safari, Konqueror and other browser users are out of luck (IE users, you deserve what you get.) with this extension, so unless there’s something else out there, they have to manually check the session every time or set a bookmark using https in the URL and be consistent about accessing Gmail through that bookmark.

Dongle! It’s true, the only purpose of this post is to use “dongle” as many times as possible. Dongle, dongle, dongle. *sigh*

Seriously though, daveb has been struggling all day with a technical conundrum and endless googling turned up scarce and confusing info. Having finally figured it out, he feels bound to post the steps as simply as he can so that other brain-damaged squirrel humpers like himself can get the job done. With that said, daveb presents to you:

How to install your GPG keys to a USB dongle for WIN XP

1. Install the latest binary version of GnuPG
2. Attach your USB dongle and create a folder named keys, or whatever’s appropriate for you. If you have pre-existing keyrings, place them here.
3. Open REGEDIT (START > RUN > type regedit)
4. In REGEDIT, navigate to HKEY_CURRENT_USER\Software\GNU\GnuPG
5. Right click in the folder and select NEW > STRING VALUE
6. Name it “HomeDir” (without the parenthsis, of course)
7. Right-click the entry and select MODIFY.
8. Under VALUE DATA, type the full path to your desired key folder. For example, daveb’s is F:\keys\ (“F” being the USB dongle). Hit OK.
9. Open a command prompt and type “gpg –version” or “gpg –list-keys”. Check for the Home that is listed, it should now be your dongle and any keys in that folder should now be listed. You’re done!

Now that you’re finished, use a file-shredding program like Eraser to destroy any locally saved copies of your keys. With that done, the only way to encrypt or decrypt with your keys is to have possessin of the dongle. So, keep it safe. You also might want to consider hiding a backup on floppy somewhere (safe deposit box, deserted island, anal cavity) due to the fact that although dongles last a long time, they do have a write-life, depending on your model.

Daveb recently got around to installing Tor, an anonymous proxy surfing agent. The project’s homepage describes it as:

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

Your traffic is safer when you use Tor, because communications are bounced around a distributed network of servers, called onion routers. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several servers that cover your tracks so no observer at any single point can tell where the data came from or where it’s going. This makes it hard for recipients, observers, and even the onion routers themselves to figure out who and where you are. Tor’s technology aims to provide Internet users with protection against “traffic analysis,” a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security.

Granted, to most people, this makes no sense or seems hardly worth it, but trust daveb when he tells you that nothing quite thrills him as seeing his IP address, geographic location and machine name change with each request sent to or from his browser or whatever the hell he configures to work with Tor. It’s the shit. It’s open source, free, available on all platforms and is backed by the Electronic Frontier Foundation, who are all a bunch of good people. Daveb recommends.