Edward Snowden urges professionals to encrypt client communications [NSA Nude photo share]

www.theguardian.com ^ | 07-17-2014 | Alan Rusbridger and Ewen MacAskill

[Red Badger]

The NSA whistleblower, Edward Snowden, has urged lawyers, journalists, doctors, accountants, priests and others with a duty to protect confidentiality to upgrade security in the wake of the spy surveillance revelations.

Snowden said professionals were failing in their obligations to their clients, sources, patients and parishioners in what he described as a new and challenging world.

"What last year's revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe. Any communications should be encrypted by default," he said.

[SNIP]

• Made a startling claim that a culture exists within the NSA in which, during surveillance, nude photographs picked up of people in "sexually compromising" situations are routinely passed around.

[upchuck]

Electrical tape is your friend.

Or, if you don't use the camera very often, go into Device Manager and turn it off. Don't forget to turn off the microphone also.

[from occupied ga]

Stiffens their resolve.

[from occupied ga]

Any non trivial email message (which granted is very few) I send GPG encrypted. NSA and the government in general HATES GPG because it’s open source and they don’t have a backdoor. Plus it’s effectively unbreakable. They hate it. If more people used it to encrypt private information on their computers hackers in blue wouldn’t get as many convictions.

[PlasticMan]

Maybe they have pics of McCain and Graham....

[PlasticMan]

I wholeheartedly agree. All email should be encrypted by default. This has been possible since the development of PGP many years ago. I believe the only reason it is not because of government pressure to keep good, easy to use public key crypto out of people’s hands.

The main obstacle is that existing e-mail encryption programs are too awkward for the average non-technical user. Fortunately, the NSA scandals have sparked interest in developing user-friendly solutions (such as MiniLock, currently in limited beta release with full release planned for August -- technoneepery details).

[PlasticMan]

Or, if you don't use the camera very often, go into Device Manager and turn it off. Don't forget to turn off the microphone also.

It might be possible for a sufficiently clever hack to activate the camera and microphone while putting up false flage that make it look like they're still turned off. Removing tape or a bit of poster putty from the lens without making it obvious is more difficult.

[Red Badger]

Industrial strength...................

[upchuck]

The ultimate solution: unplug the camera/microphone.

[zeugma]

What I'd like to see is an email client that would take a look at the recipient list. If anyone on the list doesn't appear in your public keyring, offer to send it separately from any who do, and include your public key as an attachment with a description of where to get public key crypto software.

For any recipient that you have a public key, you encrypt the message to them. Granted, having one of the messages go out plaintext defeats the crypto, as time goes on less and less would be sent that way. You could also have an option where instead of sending the recipient the message you could just send an email to them requesting their public key and providing yours. Anyone not interested in sending your their key would just not get any email from you.

I've almost gotten to the point that I'm more interested in secure communications than I am with talking to casual acquaintances, or even family members for that matter.