Update: In addition to implementing miniLock in Python (below), I have since also implemented it in Go, the library and tool for which can be found in the go-minilock repository. It’s been over a year! I have written the occasional blogpost on indiebiotech.com in that time, but even that blog suffers. If I’m honest, and to provide flavour for the rest of this article, every time I was sitting at my keyboard and might otherwise have been motivated to write a post on something, I wrote programs instead.
I’ve migrated my old blog from cunningprojects.com to cathalgarvey.me. It’s not entirely a matter of vanity, although I do rather like having my name on top: It’s part of a broader migration of my online stuff from the US to Iceland. The reasons for this are chiefly that Iceland is one of the world’s best countries in terms of free speech and free access to information. In fact, trends in Iceland suggest that more free speech may be on the way, not less; that’s bucking a scary global trend towards censorship and surveillance.
So, our great and glorious Minister Sean Sherlock just signed SOPA into law in Ireland, despite a huge civil outcry. The poorly defined statutory instrument will allow anyone claiming “Copyright Infringement” to seek a court injunction against any website, without having to present evidence and without a consultation with the accused website. The form of the resulting censorship is unclear, but will probably require ISP-level DNS censorship of websites outside Ireland, or direct seizing of those within the Irish jurisdiction.
By now, you’ve probably heard of the “Stop Online Piracy Act”, a doublespeakish attempt to permit massive censorship of the Internet by private corporations and shady government agencies without oversight or dispute in the USA. Under SOPA, it would become a felony to even link to a site that has been censored, and censorship would occur at the financial level (akin to theillegal financial blockade on Wikileaks.org) and the DNS level (i.e.
Google, I’m Leaving You. Somewhere over five years ago, I gratefully accepted an invite to Gmail and rejoiced: it was a wonderful new paradigm in web-based email, and a huge improvement over Yahoo Mail. It’s still one of the best email services online, and still miles ahead of the nearest competition by number of users. At the time, it was a straightforward social contract; Google would host and provide a great email service, and in exchange, non-human agents (robots!) would scan email in real-time for keywords, and provide ads in real time based on their inferences.
Well, I promised a post on Privacy and Security online, and it’s been long in coming. I’ll admit that’s because for all that I’d love to waffle on ad infinitum, I haven’t done enough research to know that everything I’m saying is up-to-date. So, to strike a nice middle ground I’ll split the post instead. In this installment, rather than offering “active” advice (such as what to install and how to browse), I’ll offer the groundwork and the basics of how to “passively” be more secure online and how to preserve your security.
I have a personal interest in my privacy both online and in the physical world. There’s no real reason behind it besides a knowledge that it is my right not to have my privacy invaded, and a feeling of insult that it is invaded anyway on probably a daily basis. Sources of this invasion include my ISP, Marketing Widgets on the internet, Possibly the odd hacker and the NSA, who are doubtless running programs that scan my email and monitor browsing statistics to identify them terrur-wrists at work on the internet.
I have just posted an email to the EFF asking a few questions about something that’s been on my mind. The US Government owns many or all of the primary DNS servers that rout internet traffic around the world. They are increasingly invading users’ privacy, regardless of the country of origin for the traffic. On top of this, the ISPs that provide internet service to users around the world are, at best, self-serving and unaccountable.