Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Encryption Cellphones Censorship Communications Data Storage Handhelds Privacy Politics Your Rights Online

Encrypting Phone Storage and Transmission? (2011 Version) 198

Posted by timothy
from the enough-line-breaks-are-indistinguishable-from-encryption dept.
An anonymous reader writes "Soon I'll be moving to one of the hot, culturally restrictive countries which has recently been in the news ... and which monitors and filters web traffic. ISPs and cellular providers are both owned by the government. Needless to say, I'm concerned about privacy and am even posting to my fellow Slashdotters as an anonymous coward. Which smart phones are the best for a) encrypted storage, and b) encrypted transmission? I'm not worried about encrypting SMSs or traditional voice traffic, but I would like all IP traffic as secure as possible. Setting up a server in my less restrictive home country is an option. What storage encryption and transmission encryption would you recommend for that situation? I'm willing to buy yet another device, if necessary. (No, I won't get a SatPhone.) I currently have a Nokia N900 running Maemo5 and another device running Symbian S60v3. I was hoping to have a secure OS like BackTrack running on the N900, but it looks like the software was never totally ported for the device."
This discussion has been archived. No new comments can be posted.

Encrypting Phone Storage and Transmission? (2011 Version)

Comments Filter:
  • Traditional VPN? (Score:5, Informative)

    by RyuuzakiTetsuya (195424) <{taiki} {at} {cox.net}> on Thursday February 17, 2011 @04:53PM (#35237570)

    Why not a traditional VPN with an Android or iOS device? Symbian should also be able to support VPN connections as well.

    • Re:Traditional VPN? (Score:4, Informative)

      by b0bby (201198) on Thursday February 17, 2011 @05:01PM (#35237670) Homepage

      That's my thought too. There are lots of reasonably priced VPN services out there, or you could run your own. But for ~$10 a month or less, why bother? I've used the $6 "Premium" service from hideipvpn.com & it was fine, I'm sure that there are others that are just as good though.

      • phones can be jammed, electricity can be turned off. Given the 5th world pide of Islam's Leaders, use Semaphore [wikipedia.org], in some tested cases, it's better than AT&T's service.
        • While I think the parent is being funny, Ham Radio would be something that couldn't be stopped as long as you have little power.

        • by cayenne8 (626475) on Thursday February 17, 2011 @10:25PM (#35240586) Homepage Journal
          I think the best advice would be...to stay as far the fuck away from any middle eastern country to begin with!!

          That's just asking for trouble....unless you happen to be someone that wears some form of the various headgear/hats the peoples over there seem to all sport.

          Why any sane person from the free part of the world would go over there....especially NOW...is beyond me.

          I mean, hell...I'd do just about anything for a dollar..but I'd not risk my life (and head) by going over there for any amount of money.

          • Re:Traditional VPN? (Score:4, Informative)

            by orasio (188021) on Friday February 18, 2011 @06:47AM (#35242242) Homepage

            I think the best advice would be...to stay as far the fuck away from any middle eastern country to begin with!!

            There is a western, christian country, that is in the news at all times, known for seizing laptops at borders and keeping your data.
            In fact, when I travel there, I don't carry my laptop or any personal/work data with me, that's how worried I am.

            Why any sane person from the free part of the world would go over there....especially NOW...is beyond me.

            There is no free part of the world. There are only shades of grey. There are places where you are safer and worse places, but enemies of freedom exist and act everywhere.
            Add to that the fact that your definition of freedom probably doesn't match what some other people believe, and the whole "free world" concept becomes a dumb idea.

            I mean, hell...I'd do just about anything for a dollar..but I'd not risk my life (and head) by going over there for any amount of money.

            And you probably make enough. The world is full of people who risk their lives to make a dime. Otherwise, there would be no cops, no antenna installers, no tall buildings. That is because they can make a better living that way than staying safe.

            • Actually, America is NOT a free country, it IS a liberated country. In America, everything has a price. And after a certain Supreme Court decision by some judges, two of which that should have shut their mouths, I'm sorry, "abstained" from a certain decision on the definition of what people are, our price tag for things American became cheaper. That's what I'd call "living large" in America. XD
    • by morcego (260031)

      I have OpenVPN running nicely on my Android 2.1 phone. Had to root it, tho.

      And since you are rooting it, you shoud be able to partiton you sdcard and setup some kind of encrypted filesystem. I havent tried it yet, but might just to see if is possible.

      Also, in a country like that, you might try getting a phone without a camera... just in case.

      • by TA (14109)

        OpenVPN runs fine on the N900 too (I use it a lot), and as the author has the N900 already he should be all set up.

        • Yep and it's possible to encrypt most of the storage on the N900 as well, although it's a gigantic PITA. I'd set aside a good bit of time just for getting that working. The downsides: Increased CPU usage (just overclock to compensate), the root partition can't be encrypted (not a huge problem, just don't store anything sensitive on it), and once you encrypt your 32GB internal storage and MicroSD, you can't access them via USB mass storage mode. You can still use anything else though - you can use SCP or Sam

    • by MoonBuggy (611105) on Thursday February 17, 2011 @05:26PM (#35238022) Journal

      I thought the same, but there are a few important supplementary questions (to which I don't know the answers):

      • By consistently streaming encrypted information out of the country, will you just make yourself a target for more invasive surveillance measures (and perhaps some rubber hose cryptanalysis)?
      • When the ISP themselves are your adversary, you're at an immediate security disadvantage. How far can they go towards cracking your connection when they can monitor everything you transmit, and cross reference it with real-world info about you?
      • If your connection is compromised, how much extra risk are you at? Is the sense of security leading you to transmit things that you wouldn't otherwise have committed to writing, and might they cause you trouble?
      • Are these encryption measures legal where you're going? Even if so, are the state the type who might see it as a reason throw you in jail on vague espionage charges?

      I understand wanting to maintain your privacy as a matter of principal, but ultimately you're the one choosing to go to their country. You don't have to like it, but you do have to live by their rules. From my own experience travelling in some of the more repressive parts of the world, I would say that there's generally a certain amount of leeway given to foreigners that isn't afforded to locals, but you're still safer not giving them an excuse to pay you any extra attention. What I can't tell you (especially without knowing which country you're going to) is what they will or will not consider to be an excuse; honestly I doubt that even a police chief in the country could give you a definitive answer in a lot of places - the strictness of the definition tends to be inversely proportional to the wealth and influence wielded by the person that it is being applied to.

      Just bear in mind that while it may be discomforting to know they're reading your emails home, they probably don't care what you're saying. They might well start caring about the fact that they can't see what you're saying.

      • Using a VPN doesn't automatically finger you. Keyword filters-- the spoken kind of keywords-- do. If you do data, reboot frequently to change your IP address. Or, if you think about it, change your MAC and IP address by incrementing by 1 or 2 (etc) your address; you're unlikely to bump into a collision. Smart guys figure out address domains.

        Otherwise, figure you're being listened to all the time. GSM is as easy to crack as an egg these days. Data ought to be encrypted as mentioned above. Don't save files wi

      • All good points. To add a concern: I don't know the laws in these countries, but perhaps even possessing crypto tools is illegal? I'd check into that before using this stuff in country.

      • by jonbryce (703250)

        Email is probably going to be an ssl connection to an exchange server back home, so even if you do nothing, they can't read your emails. A lot of people are going to use VPN to access their workplace network back home simply because it is the only way to get in, so I don't think VPN traffic will be that unusual.

      • by RockDoctor (15477)

        Are these encryption measures legal where you're going? Even if so, are the state the type who might see it as a reason throw you in jail on vague espionage charges?

        Not just encryption measures. I was travelling to a not-very-hot, not-particularly-repressive country to work one time and I was planning to take my hand-held GPS, just for shits'n'giggles. But I had the burglars come round and take it instead, so I didn't. When I was there, I discovered that a nearby town had recently completed the conviction

        • Which "not-particularly-repressive country" convicts any Western citizen to 5 years of forced labor camps for possession of a GPS device? And how's that "not particularly repressive"?

          Please tell me so I can avoid that hellhole. All phones now have GPS embedded which I can't possibly turn off when crossing the border. And I won't buy a second phone just for a 10 days vacation. I will gladly rewards laws like that by saving them from having to take my dirty Western tourist money.

      • by elrous0 (869638) *

        By consistently streaming encrypted information out of the country, will you just make yourself a target for more invasive surveillance measures (and perhaps some rubber hose cryptanalysis)?

        Obligatory xkcd [xkcd.com].

    • by gandhi_2 (1108023) on Thursday February 17, 2011 @05:37PM (#35238162) Homepage

      Could a constant stream of encrypted data going thru his carrier and ISP bring government attention to him or her?

      Will this hot, culturally restrictive government just throw their hands up and say, "well... he's got a VPN... not much we can do"?

      • by jrumney (197329) on Thursday February 17, 2011 @11:21PM (#35240822) Homepage
        Exactly. My advice to someone going to a country like this is to make damn sure you stay under the radar. Be prepared to give up your daily porn habit, your torrenting, and your urge to give your opinion on every political topic under the sun. If this is too much for you, then don't go to countries with oppressive regimes.
    • by lakeland (218447)

      Right, most phones can be set to send all IP traffic over the VPN. That'll mean someone has to break your VPN to get at the traffic which is hard enough you may as well consider it impossible. Also, it has the advantage of being very easy to set up.

    • And what would one use for the first of the two requirements, encrypted storage, on an Android platform? I'd love to hear of a solution.

      • by h4rr4r (612664)

        Truecrypt seems like it would fit the bill. Just need to build the kernel modules.

      • by KlaymenDK (713149)

        ...but then, I imagine the Google apps (and quite a few others, no doubt) leak clear text data by the bucket load. Even if you do encrypt your local storage, and use a VPN, I don't think that Google Mail and Maps and MyFace and BootPrints and ... will make use of it. Not to mention all the ad-enabled and profiled free apps, which are sending (anonymised, but still) usage data who-knows-where.

        If you want to be paranoid about your smart phone, be smart and use a dumb phone, and a proper PDA on the side.

    • by AmiMoJo (196126)

      TOR is also available for Android. Unfortunately full encryption of the phone's flash storage won't be available until Gingerbread 3.0 though.

    • by gl4ss (559668)

      it depends a bit on which symbian s60 3rd ed phone he has, not all of them shipped with the vpn bits(3rd party software though could help with that, though I don't know if any of the solutions that work are sold for consumers).

      anyways, go with a shabby symbian that you can get the needed sw for, that way you're off the radar at checkpoints. if you bring satphones or stuff that looks like it, you'll get flagged. that's how it works if they've been following the news too.

      oh and a FAKE encrypted drive there ne

  • Watch out (Score:3, Interesting)

    by Anonymous Coward on Thursday February 17, 2011 @04:54PM (#35237584)

    If you are going to Saudi...co-workers couldn't wait to get the hell out of there. VERY SCARY PLACE. Public beheadings on Fridays.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      But the Saudi's are an American ally? How could they be a brutal, repressive dictatorship that exports terror to the world if they're an American ally?

      I heard from Glenn Beck that Kenyan Muslim Communists like Obama want to overthrow our allies in the middle east to spread the Muslim Caliphate across the world. Are you a Kenyan Muslim Communist?

  • by ogfomk (677034) on Thursday February 17, 2011 @04:55PM (#35237600) Homepage
    You will just need to buy that phone in the country you are going in. Otherwise you may loose it through customs unless you are a diplomat. Best to get something boring and assume that everything you send is readable by anyone. If you keep something that is valuable there is nothing that customs would like better than to have your device.

  • This isn't the exact solution, but you sould be able to tunnel a skype connection over the Tor network, for a short period of time.

    Depends on the length of communication, which isn't stating in the question.
    • by Lehk228 (705449)
      but if you are carrying around a fiber optic line to handle that, why not just use it directly?
  • boncee (Score:4, Interesting)

    by Lord Ender (156273) on Thursday February 17, 2011 @04:58PM (#35237642) Homepage

    Bouncee [bouncee.net] is a VPN service designed to protect the privacy of international travelers. It encrypts all your network traffic and routes it through a server in the United States.

    It's also really, really cheap. This sounds like what he's looking for.

    • by icebike (68054)

      Bouncee [bouncee.net] is a VPN service designed to protect the privacy of international travelers. It encrypts all your network traffic and routes it through a server in the United States.

      It's also really, really cheap. This sounds like what he's looking for.

      Do they have a mobile version?

    • by zonky (1153039)
      I'm not sure why everyone always trusts the other ends of these cheap vpn services so readily. If you wanted to set up a credential fishing operations - why wouldn't you just set one of these up and watch the exit gateway?
      • If you wanted credentials you would host a free service. A commercial service would have far fewer users and a money trail to the person who runs it.

  • Solution. (Score:5, Interesting)

    by Zurk (37028) <zurktech@gm[ ].com ['ail' in gap]> on Thursday February 17, 2011 @05:00PM (#35237668) Journal

    I have the same problem. I am not in a restrictive country, however my phone lines are tapped on a regular basis since i deal with defendants. its not paranoia -- they really do tap phones of attorneys to get around atty/client and ive seen the records more than once. I use an SSH connection to a tomatousb router (ASUS RT-N16) and forward ports to my N810. you can do the same with your N900. this allows me to do VOIP directly and also share the same connection locally by letting my N810 serve as a local hotspot. All traffic is encrypted with SSH until it reaches my home which is on a dynamic ip anyway. This has worked against local and fed agencies but may not work against NSA/big brother type agencies or against foreign government state departments. You need a fast upload connection (my 25/2 Mbps cable connection works fine). For anything more than the usual calls i meet people in person at the office. meeting in person is covered by priv and works well.

    • they really do tap phones of attorneys to get around atty/client and ive seen the records more than once.

      I don't think I understand the situation here. Who are "they"? Are you the attorney? Does "atty/client" refer to some set of laws that restrict whom "they" may bug and not?

    • Re:Solution. (Score:5, Insightful)

      by BluBrick (1924) <blubrick @ g m ail.com> on Thursday February 17, 2011 @06:01PM (#35238512) Homepage

      I am not in a restrictive country, however my phone lines are tapped on a regular basis since i deal with defendants.

      Y'know, if the second part of that statement really is true, you might just want to re-think the first.

      • by retchdog (1319261)

        sorry, accidental negative moderation. undoing. fuck this trackpad. mod this message down.

    • I don't follow; it's legal for them to tap your phone but not put a bug on your person/office and record face-to-face conversations?

  • Consider giving Whisper Systems [whispersys.com] "TextSecure" and "RedPhone" applications a try. I have had good luck with them. I don't know if they have been ported to S60 yet.
  • by smoothnorman (1670542) on Thursday February 17, 2011 @05:02PM (#35237676)
    I'd be most worried about the: "he's using techniques which we can't crack. so he's really up to no good, and we must therefore have him 'pay us a visit'" (cf the usual: http://xkcd.com/538/ [xkcd.com]). So perhaps you should consider communication that doesn't trivially look like communication that's subversive to the powers-that-are? Just something to mull over; because you see, the birds do fly west on a sunny day.
    • by izomiac (815208) on Thursday February 17, 2011 @05:50PM (#35238340) Homepage
      I was just about to pop in and say that. Plausible deniability is the only sane choice for this environment. It basically doesn't matter to you if your encryption is never broken if they just take that as an admission of guilt.

      IMHO, the way to go would be an android phone with an extra /data/ partition that's encrypted, and swap them out using the terminal. Be sure to use a strong screen lock (i.e. a long password or very long series of numbers, no patterns). That way, you have a benign /data for investigators, you get *everything* (i.e. thumbnails, logs, etc.) encrypted, and if they question you about the partition you can feign ignorance and claim that it must be a corrupted flash chip. All that said, I'm not sure how technically feasible this is, but it seems straight-forward enough with root access and some familiarity with the Linux terminal.
  • by vadim_t (324782) on Thursday February 17, 2011 @05:02PM (#35237680) Homepage

    It has support for OpenVPN, SSH and tor out of the box. There was one guy in #maemo I think that said he succeeded at implementing full disk encryption, you might want to come there and ask. And if you install kernel-power you'll be able to be use iptables, which should help with making sure only what you want gets in and out.

    Now, will encryption help you? What is going to happen to you if you're arrested and suspected of accessing something you shouldn't? I'm thinking that in such a place, if they find you have a heavily encrypted phone they're just not going to let you go if they can't get data off the device, and refusing to tell the password might not be a great idea.

    Perhaps you should look more at plausible deniability. Try to set up the phone in a manner that is as un-suspicious as possible, make sure nothing incriminating gets logged on the device, and do all your suspicious activities on some remote server, with some panic system that can remove anything suspicious like tor or ssh without leaving a trace if you get in trouble.

    For testing what gets stored, you could try using rsync. Sync the entire phone, do something like loading a website, sync again and see what changed.

    • by westlake (615356)

      Perhaps you should look more at plausible deniability

      "Plausible" is in the eyes of the man holding the cattle prod.

      • by vadim_t (324782)

        Yes, exactly.

        The cattle prod man is certainly not going to be happy if he finds encryption, proxies and so on. So the goal would be to make it look like a normal phone with nothing unusual or interesting on it.

        • So the goal would be to make it look like a normal phone with nothing unusual or interesting on it.

          He's fucked. The N900 is not 'a normal phone' and it only has interesting and unusual stuff.

  • About the best you can do with off the shelf phones is to use an email client that supports secure communications, and visit
    web sites using ssl only. (not Slashdot).

    You could try some of the secured proxy browsers such as https://www.the-cloak.com/ [the-cloak.com] (self issued certificate - so due diligence required)
    as a way to browse sites like Slashdot that don't offer secure connections.

  • by ballwall (629887) on Thursday February 17, 2011 @05:05PM (#35237722)

    Set up a BES Express server, and get a BlackBerry. I'm not sure you can find equivalent security on any other platform. The BES Express server (free) offers transparent VPN. The devices themselves are unmatched, security-wise (though you'd be stepping back like 5 years in features). Email might be a problem if you don't want to also run exchange or lotus domino, but you could easily set up an IMAPS server and use that.

  • Your best bet ... (Score:5, Insightful)

    by tgd (2822) on Thursday February 17, 2011 @05:13PM (#35237820)

    Is not to use those services. Generally speaking, if the country is that restrictive, they probably will not take kindly to a foreigner trying to bypass the restrictions.

    A good rule of thumb to travel: obey local laws. If you don't like them, don't go there. As a foreigner, you are in a pretty risky spot to try to take matters into your own hand.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Is there a local law against encryption?

      The problem isn't the laws, it's the lack of "the rule of law".

    • by gl4ss (559668)

      I don't think that it's well defined whats Legal and for who in the country he is going to, same drill as with ussr - the only way to move through there doing business was to wing it, as nothing was defined - everything was always up to the local police(mp or not) and whoever happened to wield power for whatever reason in whatever area(doing business in russia is still hard for the same reasons, ikea lost a billion - this is also why it's a necessity to be able to withstand HEAVY drinking, to get to know th

  • by Stoutlimb (143245) on Thursday February 17, 2011 @05:13PM (#35237824)

    You're going to a restrictive country with little human rights, and you think that encryption will keep you safe?

    I think that XKCD put it best... http://xkcd.com/538/ [xkcd.com] I'm surprised nobody's posted this yet.

  • BackTrack != Secure (Score:3, Informative)

    by keckbug (1525803) on Thursday February 17, 2011 @05:18PM (#35237886)
    I feel compelled to point out that while BackTrack is a great distro, it's primary goal isn't really being secure from outside intruders. It is designed for auditing and testing other systems. I'm sure with a reasonable effort you could lock it down to be relatively secure, but you're looking at the wrong tool for the task. Hell, it runs everything as root by default.
  • If you're not a high-priority target or planning on creating civil unrest, than this restrictive government doesn't care about you. If you are, then encryption isn't going to save you. They'll either pull off some side-channel attack, like a rootkit on your phone that no amount of encryption is going to subvert, or just throw you in jail for using encryption at all.

    I'm all for security, but a lot of Slashdotters really need a sense of perspective.
  • the iPhone can do PPtP tunnels.. I haven't played on my Nokia N800, but I'm positive it can do it as well.. and I can't see any reason why you couldn't do it on an Android. I believe the Crackberry has such a large business-centric user-base, I'd be very sup

    Setting up and using an encrypted tunnel is pretty basic and most recent generation phones you'd even want to bother 'surfing' on should be able to do this. So if you're shopping for a new device, I'd just add this to a check-box list of features you wan

  • by markdavis (642305)

    It sounds you are using your phone to provide IP to other devices. You can just use ssh on those "other devices" to port forward anything you like. There is no need for any special phone nor software running on the phone when the IP traffic itself is already encrypted.

  • I would recommend just censoring yourself.

    The fact of the matter is that if the country is actually using sophisticated techniques to look for spies, they will be actively looking for data traveling in an encrypted form to the united states.

    It would be a shame to be captured and interrogated because the tyrants didn't know that "secret message" was about how much you hate your boss.
  • Since when is BackTrace a secure OS? I was under the impression that it was a live distribution with a bunch of penetration testing tools with Root as the default user. In fact I believe special configuration is required to even create a non-root user. Hardly an OS built for normal everyday use.

    I'm pretty sure the poster doesn't actually know what they need, want or are asking for, but best wishes.

  • by xeno (2667) on Thursday February 17, 2011 @05:45PM (#35238254)

    Some resources for the n900:

    ----- file system encryption--
    Truecrypt for true cross-platform encryption on the phone's non-boot volume
      (available by default in the N900's Extras-Testing repository)
    A nice script to simplify use of TrueCrypt (no screen icon = non-obvious = good)
      http://forums.internettablettalk.com/showthread.php?p=597269
    Also note that for your pc, you can put the x86 tc.exe on the phone's unencrypted boot volume, ...and then mount the phone's encrypted volume from the card, thru 1 usb connection

    ----- IP encryption
    Tor is available as a package and works well, tho with caveats
      http://www.torproject.org/docs/N900.html.en
    SSH is also available

    ----- semi-secure voip
    Skype support is inbuilt (tho sometimes suspect w/proprietary encryption & whatnot)
      configure thru Settings>Connectivity>VoIP and IM.
    Run your own Asterisk PBX on the n900 with an encrypted config/tunneled
      available in the Extras repository

    ----- alt boot options
    option to boot alt OS hidden on card
      http://wiki.meego.com/ARM/N900/Install/Dual_Boot
      http://neopwn.com/ (sometime soon, one hopes)
    option to carry a hidden/alt bootable PC OS in your phone
      http://zitstif.no-ip.org/?p=451

  • I'd believe that only Maemo offers moderately convenient gpg encrypted mobile email, not via the default email client sadly, although maybe you could hack that. Afaik, Maemo boasts the only mobile OTR messaging solution too. Android and Symbian beat out Maemo when your talking encrypted voice calls however since only they boast Zfone implementations. If the country is evil enough though, they might not even have access to skype conversations, not sure how skype handles baddies.

    Afaik, all modern mobile pl

  • It supports both regular VPN and tunnelling with ssh (or any other command line program). The browser can be configured to go through a proxy if you like. If you want a mainstream phone, that's probably the best way to go. There are also lots of encryption solutions.

    iPhone is nearly useless from a security point of view: when the VPN connection shuts down (as it does from time to time), it starts transmitting your data unencrypted; totally unacceptable!

    If you want any more control, you probably need to g

  • by c0lo (1497653) on Thursday February 17, 2011 @06:16PM (#35238714)
    Entering as a foreigner in the country will flag you for sure. Man-in-the-middle attacks are possible.

    I'm not worried about encrypting SMSs or traditional voice traffic, but I would like all IP traffic as secure as possible.

    If your traffic doesn't require real-time reporting of events (i.e. a delay of 2-3 hours between the event and the report is OK) and doesn't require large amount of data (i.e. text reports rather than video).
    1. As you control both ends of the communication, consider a prearranged set of one-time pads
    2. Plausible deniability [wikipedia.org] - including steganography and Rubberhose filesystem [wikipedia.org]
    3. Netbook instead of a smart-phone? (easier to arrange, no need to hack the phone)

    Good luck.

    • by jmuzz (1953550)

      3. Netbook instead of a smart-phone? (easier to arrange, no need to hack the phone)

      Exactly, why trust any phone hardware? Too much unknown in the drivers/custom firmware and serials linking coms to your device and location within 1km.
      99.9% of phones wont have non standard security features setup, any which do are just asking to be confiscated for further investigation, which is inconvenient if nothing else.

      Encryption of stored data is useless, your options are to supply the key, or to be charged with some other falsified charge such as drug possession which you will have no defence agains

      • Exactly, why trust any phone hardware? Too much unknown in the drivers/custom firmware and serials linking coms to your device and location within 1km.

        He's got a N900. Do you think 'they' have hidden something in the OpenGL drivers? Or the battery driver? Most of the rest of it is open source.

    • by Duradin (1261418)

      For #2 make sure you're worth enough alive so when they discover your "clever" scheme the response isn't "How cute. He's a spy. Execute him. Then perhaps we'll bother to try decrypting his device."

      • by c0lo (1497653)
        What in the TFQ you didn't exactly understand?

        "Soon I'll be moving to one of the hot, culturally restrictive countries which has recently been in the news ...Which smart phones are the best for a) encrypted storage, and b) encrypted transmission?

        As the person is already committed to do it, can you recommend better schemes? If so, I'm sure the person asking will be grateful.

        • by Duradin (1261418)

          Yes. If you don't *NEED* (not just want) encryption don't use it and don't do things you'd like to do but don't *NEED* to do that would require encryption. Just having the tools, or the appearance of having the tools, may be enough to get someone interested in what you're up to.

          Some governments don't care about "clever" little tricks of legality and will just throw the book at you.

  • by gstoddart (321705) on Thursday February 17, 2011 @06:18PM (#35238740) Homepage

    Before you start trying to figure out how to circumvent being spied upon by the host government, maybe you should look into the possible consequences of this. It may well be that if they find out that you're doing this, things could really turn out bad for you.

    It's generally a good idea to try to actually obey the laws of the country you're going to, especially if it's as volatile as you say it is. If you're a foreign national and don't have any sort of diplomatic protections, you could be playing a risky game.

    • Re: (Score:3, Informative)

      by wakim1618 (579135)

      I currently live in and have been working in one of those 'hot' countries for several years. First, your concerns about privacy seem misplaced to people who live around here. Tracking is for the general plebes who live there and have nowhere else to go. As a foreigner, your behaviors doesn't matter as much so long as you are not part of the problem. If you are a problem, forget about your supposed rights and privacy that you believe that you are entitled to.

      First, the government/state/security/police can ju

    • Before you start trying to figure out how to circumvent being spied upon by the host government, maybe you should look into the possible consequences of this. It may well be that if they find out that you're doing this, things could really turn out bad for you.

      It's generally a good idea to try to actually obey the laws of the country you're going to, especially if it's as volatile as you say it is. If you're a foreign national and don't have any sort of diplomatic protections, you could be playing a risky game.

      I don't think he is planning on organizing a coup or bombing a mosque. From how i read TFS it seems to be just a regular guy who wants to continue to do his email, post to slashdot, facebook, browse the web, without being restricted by a firewall or having his passwords sniffed or his privacy compromised. Setting up a VPN and doing all traffic through it seems to be a pretty reasonable approach. I'm pretty sure businessmen VPN into their company network from this kind of country all the time, so I doubt it

      • by gstoddart (321705)

        Then, I fear, you grossly underestimate what doing encrypted traffic in a 'repressive regime' might cause for personal ramifications.

        There isn't a lot of room to quietly do things The Government of such a country might not want you to do.

        What you may think is perfectly reasonable might, in your comfortable Western existence, not get you very far in a practical situation in such a country. Any government which might be willing to use force against it's own citizens might not actually give a fsck about you .

  • From what I know, an encrypted data connection is of limited value.

    1) If you are using HTTP, the ISP can listen-in on you even if the communication to the tower is encrypted.
    2) If you are using HTTPS, and the certificates are properly validated, then the communication is encrypted from the phone to the tower past the ISP and all the way to the web site. They can't listen in on you at any level. The only potential gain I see see to encrypting the data communication as well is that someone can't tell what s

  • Pwnie Express sells a N900 with Backtrack installed, dunno how well the phone functions though

  • Setup a OpenVPN box somewhere free (VPS Hosting) and install the OpenVPN application for the N900 - Works great for me !

  • To start off, here's the obligatory xkcd cartoon to go with the question: http://xkcd.com/538/

    Having spent some time in those countries, you should be careful to also consider the social aspect of what you want to do. Encrypting data is all fine and dandy, but that will only help against snooping and in case you lose your phone. At a checkpoint full of burly men asking you to show them what's in the file myporn.secret or SoundOfMusic.avi, encryption wont help. You will hand over either your 25 character top

Sentient plasmoids are a gas.

Working...