RATEL’s new law and our privacy
Posted by Saša Bodiroža | Filed under Freedom, Privacy, Security, internet
Serbia’s Republic Agency for Telecommunications (RATEL), published the instructions (text in Serbian) on Internet traffic interception and redirection. Basically, it allows Serbian government to read each and every bit of our communication, including HTTP, VoIP, e-mail and IM protocol. It’s not that I have something to hide, it’s just that it’s serious violation of my privacy. And I don’t really like that.
Update: I think I overreacted a bit in my comment. This legal act is not supposed to talk about violation of privacy. Violation of privacy is forbidden by the Serbian Telecommunication law, and Serbian Constitution. The whole purpose of this legal act, as I see it, is to amend element 55. of Telecommunication law.
Another comment can be found here (in Serbian).
Since we can’t change the law immediately, the least we can do is to protect our privacy. We can use encryption methods to encrypt our communication. Here are few advices:
There are web servers that support HTTPS protocol. If you start with HTTP, your browser won’t transfer to HTTPS if it’s possible. So, I advise you to try HTTPS, maybe destination server has support for it. For example, most people will type in facebook.com, which will take them to www.facebook.com, using HTTP. Instead, try typing in https://www.facebook.com. If you’re using Firefox, you’ll notice that the icon next to the address bar is blue. If you click on it, it will inform you that your connection is secured. It should be harder to eavesdrop your connection with www.facebook.com, since it needs to be decrypted first.
Encrypt your e-mails
System of GPG public and secret keys enables to encrypt and decrypt content you need to securely pass to another person. It is possible to use it with e-mails. You need to install GPG software, set it up and generate you public/secret key pair. Then you need to install Enigmail extension if you’re using Thunderbird, or FireGPG if you’re using Gmail’s web interface. For Outlook, GPGol module should work.
Setting up Thunderbird and Enigmail
How to install GPG, and generate public/secret key pair on Linux can be found here. After that is finished, download and install Enigmail. How to install GPG, generate public/secret keypair and install Enigmail on Windows can be found here.
Setting up FireGPG in Gmail.
Just follow the instructions provided on FireGPG download page.
Setting up Outlook
Follow the instructions provided here. It should work with GPGol module, but I can’t test it. I don’t have Windows, nor Outlook.
Encrypt your IM conversations
Update: A list of IM clients that support OTR messaging can be found in Wikipedia’s article about OTR. If you don’t have or don’t like pidgin, you’re free to use something else.
Pidgin, a cross-platform, multi-protocol instant messenger client, has the capability of encryption of instant messages, using Off-the-Record plugin. If you still don’t use Pidgin, I would advise you to install it.
If you’re using Linux, I’m sure you can install it through your package manager. For Debian-based systems, search for pidgin package. Also, OTR plugin is available in pidgin-otr package in Ubuntu gutsy and later, and in Debian testing and unstable.
If you’re using Windows, download the installer from here. It’s easy to setup OTR after, and the instructions can be found here.
After you installed Pidgin, start it and go to Tools -> Extensions. Locate Off-the-Record plugin and enable it. Click on configure button. For each account in the list click Generate, and select Enable private messaging and Automatically initiate private messaging.
Note to some of my friends that use MSN: What do you care more about: your privacy, or animated smilies ;)?
At the end…
This short tutorial doesn’t cover all protocols… If you know something more, please post a comment and I’ll put it in this post. Thanks.
If you have any questions, post them in the comments, and I (or someone else) will try to answer them.
Tags: decryption, e-mail, encryption, gpg, how to, howto, http, https, im, interception, internet, Privacy, ratel, redirection, Security, traffic, web
4 Responses to “RATEL’s new law and our privacy”
-
Global Voices Online » Serbia: New Instructions and Law Regulations on Online Privacy Says:
July 26th, 2008 at 11:40 pm[...] Bodiroza, a student of Computer Science at the University of Belgrade, writes on his blog: Serbia’s Republic Agency for Telecommunications (RATEL), has passed a new law regulation (text [...]
-
Global Voices на македонски » Србија: Нови упатства и прописи за приватност на интернет Says:
July 28th, 2008 at 2:10 pm[...] студент по информатика на Универзитетот на Белград, пишува на неговиот блог (АНГ): Српската Републичка агенција за [...]
-
Global Voices in Italiano » Serbia: monitoraggio e violazioni della privacy per utenti Internet? Says:
August 2nd, 2008 at 11:09 am[...] Bodiroza, studente di Informatica all'Università di Belgrado, sostiene nel suo blog: La RATEL ha emanato una nuova direttiva [ser] sull'intercettazione del traffico internet. In [...]
-
unwatched.org Says:
August 5th, 2008 at 10:51 amSerbische Telekombehörde veröffentlicht Regeln zur Überwachung des Internetverkehrs…
…
