ICLOAK? Heml.is? Cryptocat? Thoughts?

Operating Systems & Open Source Open Source & Web-Based
1

dear logan, wendel and everyone at the tek

So all this lack of security and privacy on the internet kind of made me crazy.. I went on a crazy hunt for anything that seems to be providing security and privacy.. So far Ive stumbled upon ICLOAK, Heml.is and Cryptocat. Id love to hear your thoughts on this.

I saw one other post about ICLOAK so i guess ill start there. I love the idea; which "is a portable anonymity tool that enables you to browse [and work] anonymously on and securely on any Windows, Linux, or Mac computer [when you boot from the "stik" (thumb drive)]. It has two partitions; one for the secure linux based os (which im hoping has nothing to do with SElinux) that you can browse anonymously, work with documents on and the other is where you can store files on that you can access anywhere like a regular thumb drive. The thing about the os is that everytime you logout of the os, it wipes the os partition part of the thumb drive. Now im just a little skeptical only because it uses tor as the main browser.. 60 percent of tor's funds was provided by the government.. there was one tor security breach (while just for windows) that allowed one user to see another users actual ip address so ahhhhhhhh...

link to site: https://icloak.org/

link to kickstarter: https://www.kickstarter.com/projects/icloak/icloak-tm-stik-easy-powerful-online-privacy-for-yo

 

next,Heml.is is something i have alot of hope for... It is supposed to be "a secure messenger" that focuses on privacy, uses there own servers, doesnt save any messages (until they have been delivered), and is trying to fight against the governments data harvesting. The people behind Heml.is inclue Peter Sunde (co founder of the pirate bay), Linus Olsson (co founder of Flattr micropayment service) and Leif Hogberg (CTO of Flattr).

link to site: http://heml.is/

link to blog site: http://hemlismessenger.wordpress.com/

 

Next, cryptocat. There one reply to a post on the tek in the forums that mentions crypto cat but not much about it. Ive been using it recently just to talk with my friends, basically anytime i can avoid messaging by using cryptocat then i will take that chance. Basically it is an web based messenger that is available with or without an extention on every browser and as an iphone app . it starts you off with an interface that gives you the option to name a conversation, then make a nickname for your self; but keep in mind there are no accounts, you can have your user be apple123 one SESSION and then orange332 another. So what you do is set a conversation name and nickname ( which could be anything for each), then tell people you want to talk with the conversation name, then connect, and you can talk. So for example, say you and alice want to talk. You tell alice the conversation name you chose, which in this case willl be "teksyndicate", which is what you and her will put in the "conversation name" box. Then you set usernames and join. So what you do is message the other person, then when you are done, you press the logout button which exits you from the conversation and gets you right back where you started. But you can still join the conversation if you put in the same conversation name and if the person or any person is still in that conversation. Only thing is you wont be able to see your previous messages, because they have been wiped (part of the privacy). But they make things very clear; it doesnt hide your ip, it doesnt protect you from keyloggers, and doesnt prevent you from talking with untrustworthy people who may show the messages in a current conversation.

link: https://crypto.cat/

 

i know this was long but i was wondering if i could get your thoughts?

 

 

2

ICLOAK -> other then vpn i can't find any detail on how it's supposed to work, also it makes a very bold claims like "100% Anonymous and Secure OS + Browser Tool", this isn't very confidence inspiring. Also Tails already does this, for free...

Heml.is -> not completely opensouce + dependant of centralized server -> so basically it can't be audited, nor is it distributed enough to withstand attacks

crytocat shows some promise, but it's probably not mature enough for critical stuff, but probably good enough for non critical privacy enhancement. Beware it depends on your browser being clean.

here is an extensive list of privacy tools

  • Before you get an information overload:
  • read what a few of the things do,
  • then pick one and try it out, pick a similar one and try that one out.
  • if you picked one that is too complicated to make work, try an easier one, come back later.
  • there is allot of redundancy , you only need a small subset of these.
  • This is a marathon not a sprint, pace yourself ! If you are starting to feel  overwhelmed by paranoia. give it a rest for few days.
  • Don't get tangled up in perfectionism, every time you learned to use a new privacy tool, it's a win for you, and you deserve to feel good about it.
  • Look at restoring your privacy as a long term project, that you slowly build up over time.
  • Easy stuff is Retroshare, diaspora, https-everywhere, disconnect, open streetmap, buddy-cloud, startpage, duckuck go , better privacy, self destructing cookies, jitsi ...

 

 

3

Icloack is pretty much a closed version of tails, so it's a fraud.

I also call bs on hemlis like on pirate bays private tor browser which was (or is if it's still around) far from private.

Cryptocat I know nothing about, but i'm guessing if they're foss and aren't using any RSA algorithms they should be ok. For communications in a public network PGP/GPG encrypted e-mails or im's are still to this day the most secure yet simple solution without hacking your own hardware imo, correct me if i'm wrong.

Online “privacy” is unfortunately outdated in todays society, sure you can make tracking a tad more difficult for eavesdroppers (and how likely is it that you're a target) using vpns, tor or spoofing but that will not hide your identity or physical location in any way, especially if all of your masked data is stored somewhere, enabling your traffic to be analyzed at any time without any time constraints for decades to come (this goes for all sites that does any kind of indexing (all), not just the NSA, that everyone likes to talk about). That's why proper encryption is the only way maintain the contents of different messages private.

4

Thanks, ive just been inundated by the lack of privacy but ive been scrambling around to find things to help but i guess your right ill have to pace my self; ill keep that in mind 

5

Thanks for your feedback it means alot; but would you recommend tails instead?

6

@Baz

So you don't know anything about Cryptocat but you do know that Heml.is which is not even publicly released is bullshit? alright man lol

 

Also you totally misunderstood piratebrower it's not suppose to be "private browser" it's pirate browser.. they never claimed it's about being private..seriously do your homework before you go bashing around -.-

PirateBrowser - No more censorship!
PirateBrowser is a bundle package of the Tor client (Vidalia), FireFox Portable browser (with foxyproxy addon) and some custom configs that allows you to circumvent censorship that certain countries such as Iran, North Korea, United Kingdom, The Netherlands, Belgium, Finland, Denmark, Italy and Ireland impose onto their citizens.

Does it make me surf the net anonymously?
No, it's not inteneded to be a TOR Browser, while it uses the Tor network, which is designed for anonymous surfing, this browser is ONLY intended to circumvent censorship.
The Tor network is used to help route around the censoring / blocking of websites your government doesn't want you to know about.

If you are looking for something more secure you may want to try a VPN like PrivacyIO.