 |
The creator of an encryption program that wasn’t successful released another one with a renewed concept: making encryption so easy that anyone can do it, in order to stay protected from the prying eyes that spy on digital communications.
Espionage, a century ago, could be as simple as setting up a copper wire on an official telephone line and start eavesdropping. Today, one hundred years later, that way of spying is something to laugh at, and it may even seem endearing. Current espionage systems are so incredibly sophisticated that few words actually manage to escape the network of technological eyes that are constantly watching the digital messages circulating on the planet: SMS, emails, social networks, phone calls, and so on.
The world’s public opinion is divided between those who justify tracking and those who believe that a compulsively observed population will result in the most barbaric totalitarianism imaginable. Hackers and tech-savvy experts, though, were the first to denounce the machinery that states and governments were setting up to delve into any private space. The best known cases are those related to Julian Assange and Edward Snowden, but there are many more.
This community is also trying, with a lot more courage, to avoid an ultra-controlled future. For years, hackers have been creating encryption technologies to shield messages and making them only accessible to the person who sends and receives them. Many of them called themselves “cypherpunks”. People like Assange spent a lot of time creating free encryption systems for people to express themselves freely on the Internet. The identity and contents of a message are inaccessible except for the sender and the recipient.
For years there have been services that have been trying to stay out of this global espionage network consisting of governments and businesses. As an example we can find web browsers (Tor, Chrome’s incognito mode or Firefox’s private browsing), mail services (Lavabit, Riseup), instant messaging clients (Telegram) or search engines (DuckDuckGo).
But outside of those environments, for the average user, encryption remains a bit of a mystery. Software engineers and similar experts, however, work harder to make it easier and lighten the weight of this unprecedented network of espionage. One of those hard-working people is security consultant Nadim Kobeissi, who created and released a browser plugin that is capable of encrypting and decrypting files in just a few seconds, and was featured in an article from Wired magazine.
The program is called MiniLock. It is free and open source -you can find its source code in GitHub-, and it was presented for the first time in New York’s Hope X hacker conference in July of 2014. Kobeissi hopes to develop software so simple that anyone can use it. “It’s super simple, approachable, and it’s almost impossible to be confused using it”, said Kobeissi to the aforementioned magazine.
 |
MiniLock first appeared as a beta version and, according to its creator, it began still in an experimental phase. The extension is capable of encrypting virtually anything, ranging from videos embedded on an e-mail message to photos stored on a USB drive. These encrypted documents can also be stored, safely, on services like Dropbox or Google Drive.
In this desire for simplicity, MiniLock requires no registration or a signup process. The only thing the user has to enter is an extremely secure password, which means that it must be comprised of a combination of at least 30 letters and numbers.
Kobeissi has been working for quite a while on encryption systems. The consultant is probably better known for his Cryptocat chat program. But, according to Wired, that project had security flaws. In a pessimistic view this could mean that the hacker community can view MiniLock with a skeptical eye. An optimistic outlook may focus on something different. Kobeissi himself says that he has learned a lot from Cryptocat and he’ll avoid the mistakes he made back then. One example is the fact that he chose not to release the program right away via Google’s store. Instead, he posted the code on GitHub in order to allow other coders and experts to assess it, check it and correct it beforehand.
Information leaks have turned into a trending occurrence, an especially significant one when it comes to fighting corruption. Certain systems, such as the open-sourced SecureDrop, have allowed citizens to present documents and all kinds of complaints to major news outlets, in a secure and anonymous way, to protect the identities of the whistleblowers.
The controversy that came after Snowden’s revelations about the NSA encouraged the creation of platforms such as Trsst, a microblogging site similar to Twitter, which describes itself as “encrypted, anonymized and decentralized”.
Encrypting information will probably end up being a common practice. And maybe, hopefully before long, it will turn into something as simple as creating a zip file today.
Related contentRead Don Burns’ “Threema, a messaging app that cares about your privacy”
In this desire for simplicity, MiniLock requires no registration or a signup process. The only thing the user has to enter is an extremely secure password, which means that it must be comprised of a combination of at least 30 letters and numbers.
Kobeissi has been working for quite a while on encryption systems. The consultant is probably better known for his Cryptocat chat program. But, according to Wired, that project had security flaws. In a pessimistic view this could mean that the hacker community can view MiniLock with a skeptical eye. An optimistic outlook may focus on something different. Kobeissi himself says that he has learned a lot from Cryptocat and he’ll avoid the mistakes he made back then. One example is the fact that he chose not to release the program right away via Google’s store. Instead, he posted the code on GitHub in order to allow other coders and experts to assess it, check it and correct it beforehand.
Information leaks have turned into a trending occurrence, an especially significant one when it comes to fighting corruption. Certain systems, such as the open-sourced SecureDrop, have allowed citizens to present documents and all kinds of complaints to major news outlets, in a secure and anonymous way, to protect the identities of the whistleblowers.
The controversy that came after Snowden’s revelations about the NSA encouraged the creation of platforms such as Trsst, a microblogging site similar to Twitter, which describes itself as “encrypted, anonymized and decentralized”.
Encrypting information will probably end up being a common practice. And maybe, hopefully before long, it will turn into something as simple as creating a zip file today.
Related contentRead Don Burns’ “Threema, a messaging app that cares about your privacy”
No comments:
Post a Comment