The War on Privacy

Last week the Australian Government passed the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, which allows certain government agencies to issue secret notices compelling Australian IT workers and software developers to insert secret malicious code into any software or computer systems, for the purpose of gaining access to the content of encrypted messages on the computers and smartphones of their users. This law is in effect right now. The next time you download an update for the banking app on your smartphone, or operating system updates for Windows and MacOS, or a firmware update for your modem/router, or a game update on your Playstation, your device might also be implanted with a secret backdoor enabling remote access and monitoring. I could be forced to add malicious code to this blog and it would be illegal for me to refuse, or to warn you about it. You can no longer trust any computer hardware or software that is created, configured, or sold by someone living under the legal jurisdiction of Australia. This is kind of a big deal.

Continue reading The War on Privacy

Internet Surveillance News

25 Apr 2015 Pirate Party Australia’s guide to protecting your online privacy under the Australian government’s new mandatory data retention scheme.

25 May 2015 Senator Scott Ludlam learned about Tor, VPNs, PGP and OTR at a cryptoparty in Sydney.

28 May 2015 Apple co-found Steve Wozniak says Australia’s data retention laws are unethical.

31 May 2015 Information about Australia’s Pine Gap spy base, and its role in the Five Eyes intelligence alliance.

Continue reading Internet Surveillance News

Onion routing explained

When you visit a website on your computer or mobile device, you are potentially sharing that information with advertisers, hackers, co-workers and governments. Even though the content you are viewing is likely to be encrypted with HTTPS, your metadata (including the URL and IP address of websites you visit, your IP address, the time and date, information about your web browser and computer hardware) can be collected and stored by anyone eavesdropping on the wire between you and the web server, to be used against you in targeted advertising campaigns, phishing scams, profiling, and soon robot assassination.

Continue reading Onion routing explained

Preventing VPN leaks on Linux

A Raspberry Pi running OpenVPN with a D-Link DUB-1312 Ethernet adapter
A Raspberry Pi model B running OpenVPN with a D-Link DUB-1312 Ethernet adapter

In a previous post I showed how a firewall app on Android can prevent metadata leaks when you connect to a wireless network but have not yet connected to your VPN. This guide achieves the same goal with OpenVPN or Torguard Lite on a Linux PC, blocking all outgoing connections and then allowing connections only to the VPN server.

Continue reading Preventing VPN leaks on Linux

The Australian Panopticon

The Panopticon is a theoretical prison designed by English philosopher and social theorist Jeremy Bentham in the late 18th century. The shape of the prison places every inmate within view of a watchtower. Although it is physically impossible for the watchman to observe all cells at the same time, the fact that the inmates cannot know when they are being watched means that all inmates must act as though they are watched, effectively changing their behaviour.

Continue reading The Australian Panopticon

Preventing VPN leaks on Android

If you connect to the internet through a public WiFi hotspot, or at school or at work, the metadata and contents of your online communications can be intercepted and viewed (or altered) by the network operator or another malicious party on the network. If you connect from an Australian residential address or personal mobile device, the Australian Government will be storing your metadata from 13 Oct 2015. One of the ways to protect your privacy is to send all of your internet traffic through a Virtual Private Network.

Continue reading Preventing VPN leaks on Android