Spooks use the same tools to catch whistleblowers that they use to find spies. They monitor content and metadata of communications. Then when there's a leak, they try to backtrack by analyzing metadata.
For experts it's been possible for many years to protect the content of email. GPG works. Snowden relied on it. GoodCrypto made that content protection available to ordinary people, even children. But almost no one protected the metadata.
The metadata is all the information on the outside of an envelope. Who the mail is from, who it's to, when it was sent, etc. That information has been used to catch even very careful whistleblowers.
GoodCrypto now protects your metadata. Not just with encryption, but with packetization and padding. That means no one listening on the line can read or analyze any individual's metadata.
If you're a whistleblower you use any mail service that supports GoodCrypto. The example Snowden gives is a whistleblower sending ma...
Ed Snowden says that VMs are "a big step up" against persistent threats. That matches our experience.
To avoid forensics, malware on hardened systems is often volatile. It disappears when you reboot. But an attack can leave a backdoor.
Some malware hides itself in BIOS, device PROMs, etc. Even reformatting and reinstalling the OS doesn't help. This malware is a type of APT, an Advanced Persistent Threat.
Until attackers have cracks to break out of a VM and are willing to use them, a properly configured VM is good protection.
When a reboot isn't en...
GoodCrypto now protects email metadata
Ed Snowden said, "People are being killed because of metadata." He says whistleblowers are caged because of it. And he told us how to fix it. GoodCrypto now has metadata protection for email built to his requirements.
Metadata is everything about messages but the content. Who, what, when, where. It is all the most important ingredients in a news story.
Metadata is much easier to analyze than content. Network analysis tells spies who the source is and who helps them. Traffic analysis shows which connections are important and reveals activity surges. All this is done automatically. None of it requires any content.
Former CIA and NSA director Michael Hayden says, "We kill ...
Censorship attack combines packet injection and Heartbleed
We all know there is censorship online. It happens in China. It happens to "terrorists". But we don't believe it will happen to us.
As Eben Moglen and Kaspersky have pointed out, companies developing crypto are prime targets no matter where they are. So you don't have to be a bad guy for the NSA to attack you. You just have to protect people from the NSA. Even protecting yourself is often enough. NSA prefers their victims to be defenseless.
Detection in the wild
In early 2015 people were still downloading our ISO file for GoodCrypto. But suddenly installations stopped.
...
Snowden's goals are GoodCrypto's long term goals.
Reset the Net is a campaign against mass surveillance. The first coordinated action is on Thursday, 5 June 2014. GoodCrypto's purpose is to help stop mass spying. We plan on offering (Update: Now available) enterprise PGP mail and TOR web browsing with key and cert pinning in 3Q 2014. Of course we support "Reset the Net".