I love encryption. As a kid, the occasional “secret decoder ring” I’d get out of a box of cereal or Cracker Jacks was a treasure worthy of King Tut himself. In my high-school years I studied how to make (and break) ciphers on paper, and I went on to study computer encryption as well — two of the software products that I wrote for my previous company were based on various forms of encryption, and one of them is still in high demand in the corporate world. Most of my computer data is protected by different forms of encryption too, so I have little to worry about if a thief manages to make off with my hardware or a backup disk, or if one of my neighbor’s kids decides to try snooping on my wireless network traffic.
There were still a few gaps in my encryption defenses though, gaps that I was a little nervous about. I’m not precisely paranoid, because people really are out to get me — and they’re after you too. They want access to your bank accounts, your credit card numbers, and your computer, and that’s just for starters. So I’ve been working on plugging a couple of those gaps.
The first was for my backups. I do a nightly backup of my laptop’s data to my server system. The data is encrypted on both ends by disk-encryption software (to protect it in case of hardware theft), and the wireless connection between the systems is protected by WPA encryption while I’m at home… but when I travel, I’ve always had to turn those backups off, because I had no way to securely encrypt them over the public Internet, or ensure that the server I was sending them to was the one I thought it was (I’d never gotten around to writing my own secure backup program, too many other interesting things to get done).
After some research, I discovered that it was possible to run an SSH server program on a Windows system, using the Cygwin package. I installed it, following the instructions I found on this page. It worked fine locally, but I couldn’t get my laptop to use it at first because the Windows firewall wouldn’t permit it. (That was easily taken care of, once I realized the source of the problem.) This one showed me ways to set things up on the laptop without a lot of hassle too. Now I’m pretty much ready… whenever I need to travel, all I have to do is set up my router to route the SSH port (port 22) to my server, and so long as I have an Internet connection, I can keep doing remote backups, in complete security. 🙂
The second gap was in my communications. I use GPG to securely e-mail some of my correspondents, but for instant messaging I found myself limited. Under Windows, my preferred IM protocols are Trillian’s ICQ (because Trillian can automatically encrypt it when talking to other copies of Trillian) and Skype (because all Skype IMs are automatically encrypted). Skype works fine under Linux too, but Trillian doesn’t.
When I heard that there were two different IM encryption packages that work with the GAIM/Pidgin instant messenger, I picked up both. 🙂 The first one is Gaim-Encryption (now Pidgin-Encryption), and is specific to GAIM/Pidgin. The other is Off The Record, and can apparently work with other IM programs too. Both of them are available via Ubuntu’s apt-get system, as the packages gaim-encryption
and gaim-otr
, respectively. I haven’t had a chance to play with either of them yet, but I intend to do so as soon as I can convince one of my chat-friends to install one of them too.
“Next!” 🙂
I’m interested in the encryption, and now both packages are installed here as well.