File-Level Encryption in Linux Using ecryptfs
With the NSA spying scandal, all eyes are on ways to stop the surveillance and protect privacy. Campaigns such as Reset the Net have been used to encourage and push sites and people to amp up their security methods. Disasters such as Heartbleed show what happens if security is compromised, whether intentionally or accidentally.
I used to use TrueCrypt to allocate a virtual hard disk and put my private files in that. One of the benefits of this was that TrueCrypt also supported full disk encryption and plausible deniability (e.g. hiding an OS within another OS). However, one of the most frustrating parts of TrueCrypt is that you allocate space and any space you do not use is lost. For example, if you allocate 10GB but use only 1GB, there is still 9GB left that is allocated to the TrueCrypt volume but cannot be used by the unencrypted space.
Unfortunately, I recently found out that TrueCrypt shut down under very suspicious and mysterious circumstances (check the related articles section below). Sure, you could use LUKS instead, or VeraCrypt (but I haven’t tried VeraCrypt), but considering I only want to encrypt a subset of my files, and not the whole partition, that might be a little overkill.
So, I investigated ecryptfs. Details can be found on the Wikipedia page, but in short, it allows you to mount directories (it comes with a wrapper to the mount command), and unlike other mount wrappers, it lets you mount a directory on top of itself. In other words, you can do:
sudo mount.ecryptfs ~/SecuredData ~/SecuredData
And this will take the data stored in the directory and transparently decrypt it when you try to access the directory.
If you copy data into the mounted directory, ecryptfs will encrypt it and store it in the underlying directory in encrypted form. When you unmount the directory, only the encrypted data is visible. If you combine the mounting process with the optional filename encryption, then all you see are files with garbled filenames.
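Because the directory is mounted on top of itself, anything copied in while it is not mounted lands in the underlying directory unencrypted. The shell functions below are an added example, not part of the original post; they assume filename encryption is enabled (so encrypted names carry the `ECRYPTFS_FNEK_ENCRYPTED.` prefix), and the function names and the optional mounts-file argument are hypothetical.

```shell
#!/bin/sh
# Added example: guard against writing plaintext into an eCryptfs
# directory that is not currently mounted. Function names are
# hypothetical; the mounts-file argument exists for offline testing.

# Return 0 if DIR is an active ecryptfs mount point.
# Usage: is_ecryptfs_mounted DIR [MOUNTS_FILE]   (default /proc/mounts)
is_ecryptfs_mounted() {
    dir=$1
    mounts=${2:-/proc/mounts}
    # /proc/mounts fields: device mountpoint fstype options dump pass
    # (paths containing spaces appear there as \040; not handled here)
    awk -v d="$dir" '$2 == d && $3 == "ecryptfs" { found = 1 }
                     END { exit !found }' "$mounts"
}

# Run against the UNMOUNTED directory: print every file whose name lacks
# the prefix eCryptfs gives encrypted filenames. Each hit was written
# while the directory was not mounted and is stored in the clear.
list_plaintext_leftovers() {
    find "$1" -type f ! -name 'ECRYPTFS_FNEK_ENCRYPTED.*' | sort
}

# Copy SRC into DIR only when the eCryptfs layer is active.
# Usage: safe_copy SRC DIR [MOUNTS_FILE]
safe_copy() {
    src=$1
    dir=$2
    mounts=${3:-/proc/mounts}
    if ! is_ecryptfs_mounted "$dir" "$mounts"; then
        echo "refusing: $dir is not an ecryptfs mount" >&2
        return 1
    fi
    cp -- "$src" "$dir"/
}
```

Pass absolute paths (for example `"$HOME/SecuredData"`), since that is how the mount point is recorded in `/proc/mounts`.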
ecryptfs supports various encryption methods, from AES and Blowfish to 3DES and Twofish. Obviously, the higher the encryption level you choose, the slower the access. For me, 3DES encryption resulted in a transfer rate of 7MB/s when copying to the encrypted space, and AES was 16MB/s, so balance your requirement for high encryption against slow access.
Related articles
Microsoft and Google lead coalition demanding limits on government surveillance
In October, the tech industry's biggest companies petitioned Congress to reform the US Government's surveillance policies. Now, the firms are taking their pleas global. Microsoft, Apple, Facebook, Google, LinkedIn, Yahoo and AOL (Engadget's parent company) have banded together to ask the world's governments to reassess their intelligence practices. This time, however, the firms are presenting more than a strongly worded letter - they've laid out five core reform principles, detailed both on an official website and in full-page ads in national publications.
The breakdown is fairly straightforward; the group asks that government’s authority be imposed with “sensible limitations on their ability to compel service providers to disclose user data,” and that they give more consideration to the link between privacy and trust required by technology providers and their users. The group is also demanding increased oversight, accountability and transparency, outlining a system that allows companies to publish the nature and frequency of user information requests and is attached to a “clear legal framework” with “strong checks and balances.” Governments outside of the US are encouraged to work together too, to create a “robust, principled and transparent framework” to guide requests for data across jurisdictions. The group of tech giants also wants these changes to respect the flow of information, and ensure that service providers are able to build infrastructure on a global scale, without needing to store data inside the country for the sake of national government inquiries.
“Unchecked, undisclosed government surveillance inhibits the free flow of information.” Twitter CEO Dick Costolo writes on the movement’s website. “The principles we advance today would reform the current system to appropriately balance the needs of security and privacy while safeguarding the essential human right of free expression.”
An open letter to Washington underlines the campaign, noting that “the balance in many countries has tipped too far in favor of the state and away from the rights of the individual.” The companies pledge to keep user data secure with encryption technology and by fighting unreasonable government requests, but change needs to start from within. “Reports about government surveillance have shown there is a real need for greater disclosure and new limits on how governments collect information.” Mark Zuckerberg stated. “The US government should take this opportunity to lead this reform effort and make things right.” Indeed, the letter asks that Congress do just that: “take lead and make reforms” that would bring the proposed changes to fruition.
While the firms openly acknowledge the government’s need to take certain actions for the public good, it clearly states that the current laws governing surveillance are no good, and may even be hurting future adoption of new technologies. Microsoft’s Brad Smith puts it best, “People won’t use technology they don’t trust. Governments have put this trust at risk, and governments need to help restore it.”
Tech Companies Outline More NSA Reform Demands
Mikko Hypponen: How the NSA betrayed the world's trust -- time to act | Video on TED.com
Hackers Mistake NASA For NSA, Take Down Wrong Home Page
Britain Detains Partner Of Journalist Who Exposed NSA Spying. Are They Crazy Or Stupid? | TechCrunch
I would say both.