The NSA saga continues! In this chapter, we find that the Feds are requesting SSL master-keys from Internet companies, in order to decrypt Web traffic in transit. On one level, this is rather worrying, because it means the NSA is looking to further increase their ability to go digging around in people’s digital drawers. But is it really as bad as it might initially appear?
Many commenters have said that the current methods of surveillance are most effective against only the daftest of criminals. Any criminal worth their salt knows how to evade all but the most targeted surveillance. The recent government attempts to increase the breadth of tracking won’t really force them to get any sneakier.
At the moment, it looks as if most of the Internet companies that were contacted have denied the Feds request, and will fight back against any attempt to force the issue. But if you’d rather not wait to see how this pans out, there is a simple way to get around the SSL issue: Encrypt your files and text before transmission.
It’s a universal security truism that you can’t be 100% protected against someone sufficiently determined to breach your defenses. So on-disk encryption is not necessarily going to protect you if you’re specifically targeted, but it should keep out the broad surveillance efforts that have been in the news lately. There are a number of ways and tools to help you do this, which we will explore in more depth in future posts.
What are your favorite encryption tools? Do you prefer to encrypt files individually, in specific folders or small disk images? Or do you just encrypt your whole drive?