1) Tor is slow... I like my internet instantaneous. Having time to get up and make tea while waiting for my websites to load just isn't going to cut it. Also because my IP address comes from a random location every time google tries to guess what language I speak. I was unable to determine how to assure google that I speak english... American english specifically. So I just had to deal with google being in Chinese, German, Dutch, and Italian. Poor show I feel.
2) PGP has a fundamental flaw. You see PGP uses a public key-private key combo. I left my public key on my blog and kept my generated private key hidden on my Ubuntu Linux laptop at home. The trouble is that private key isn't something you can really carry around with you. (Because it's private). I spend more than half my waking hours at work... on a computer where they probably track my keystrokes and other terrible things. So even if I brought my private key encrypted (which it is by default thank goodness... with a passphrase...) that's totally not useful if you worry that someone has placed a keylogger on your system. So I can't use my private key to encrypt anything when I'm at work... which is almost always.
3) IM encryption can't work one way. There is a nice and easy PGP-like encryption plugin for Pidgin called pidgin-encryption, I just added the addon and was immediately able to chat encrypted. The problem is you can't chat encrypted to people who don't use the same encryption. I tested it out with my wife and it worked great. I even checked out my google chat logfiles to see what it looks like going across the wire. Here's a sample:
me: ** Encrypted with the Gaim-Encryption plugin : Send KeySuper sexy huh? But for it to work generally I need all my friends to encrypt as well. I'll try to always allow encryption on my chats (just in case you're feeling like hiding your talks with me) since it doesn't affect anything else.Kelly: ** Encrypted with the Gaim-Encryption plugin : Key: Prot NSS 1.0: Len 249:Odw+YVVO3fV7d3cD/LISGDkAMIJDLFg8,MIGfMA0GCSqGSIb3DQEBAQUAA 4GNADCBiQKBgQDEEAQhm477bt1KnprV lD/5nWH+deYoF2IjUxt/5sUOnJezCpW sqRgRoDUxOUEBWkEpWSWJVV8yjPRr7i 2nnkWjpe3a+fQ+20pkIdI6qJqRFSU5P 2gJLXWl3p38rET6W8i7tE8F20m4Msk5 7jF4URSqAWjHtsZ0g4bjwpANXlLXkwI DAQAB me: ** Encrypted with the Gaim-Encryption plugin : Msg:Sf01f547677:R2687548b16: Len 512:N6DFKd+PciYkREHlpv1/EzLYJ3HY2VCo/T30KU48Rqws0CqMPW aAqU4z1dpTUYQWr81Uv3jakPfuB +0tmyW1gVORQscW+SY84uAaovAZpjM0 HdtWT762jciqfUfmHs+9iT9mlczvXSk 1kFyfUUhKk8h6GPgPxxhUPAWxFFRr5i W8wkMJ+ltUz+u9NsyUfTz8i4x4CqAu3 ZUQxGt1vYYzRn3ruzVhlw+mJkGMQA51 FsmN68bcUEq01d9fU/Q0cQJmADs6l1N 0l+RA5SZOrMDGJixCqrFLzDLQ8Tuv8S K8UDvWS9x20zNIwop3KnJi+DUtk +u1I2VoCSFYPe4qfhDfspXKDtuYc1vB g/aSy+4mA8gLngOMwvCPwxNCEBzs1uV rtYFwL2A630Ah+v2/cJP4qpWH2i7hMI SnBXTcDFnQSEj0kVzeqN8FCR /h8iq0yPHMYUM6P7ejKaQW46I +S5X0QxxTr9Md3J4aimu374cI93VUps 9zRGe6TE1ImbtFAo48
4) Everyone uses cookies. I tried turning off cookies and I was immediately making exceptions. Google uses cookies for everything (which is dumb). My work website uses cookies. My comic slurper uses a cookie and that's all. Del.icio.us uses cookies. It's crazy. It's like turning off javascript for how many ill-concieved websites just shove crap on your harddrive. But I don't want to do without those sites so cookies are back on the menu.
5) Https works great. I found that google was especially competent at running SSL. Hotmail fails at it by the way. Even though you can go to the login page on SSL it redirects you to a non-SSL page after login. And you can't even switch to SSL yourself... EPIC FAIL. I'm going to continue to use https on gmail and my google homepage, because I like imagining my communications with those places are only between me and them... regardless of how often they sell my communications to other companies and the government. Though I just checked and blogger fails its https check, though it does redirect you to the regular http, which is better than hotmail. I guess they want to make sure that everyone can watch what you type as you write your blog.
Conclusion
The interwebs are not ready for people to go dark. They still want to hook in and track you and prevent you from hiding. That's really a sad statement, I think that the internet foremost promoter of "anonymity=equality" should allow me to be anonymous. I know that after this experiment I will try to be more conscious of how I design my websites, just in case an uber-paranoid friend needs to contact me.
No comments:
Post a Comment