Posts Tagged ‘security’

BSD Windows

I had this short conversation with several people the other day, where I mentioned Windows. I wondered why Microsoft has not decided to build the next version of Windows on the BSD kernel. Besides the sin of pride, I really couldn’t think of any technical reason not to.

BSD is a distribution of Unix created by UC Berkeley. Unix is an operating system developed in 1969. Through the years, it has evolved into an extremely secure and stable OS. People who use real computers (not toy computers) use variants of Unix. There is no technical reason why Microsoft cannot just use BSD and rid the whole world of numerous security problems. A company that has finally decided to do exactly that, after going their own way, is Apple. Just in case you didn’t know, Apple uses a BSD operating system. They then designed an ultra cool user interface on top of it. Microsoft could always copy Apple – they do it all the time anyway.

  1. Backwards Compatibility
    Some people may think that Microsoft needs to maintain backwards compatibility. Therefore, it cannot make a major architectural change like that. I laugh inside whenever I hear this. However, most people are not familiar with the Church-Turing thesis and therefore, I must forgive them. Microsoft is not the scion of backwards compatibility. They often break compatibility within their own products.

    Apple has shown us that backwards compatibility is certainly possible. Few people realise that you can run Apple II software on a modern Mac. This is ultimate backwards compatibility. Apple used to use a Motorola 68K microprocessor, then moved onto the IBM PowerPC before finally turning to Intel x86 today. Apple has shown that not only is backwards compatibility possible, even software written for an entirely different computer architecture can be kept compatible.

  2. Proprietary Software
    Some people may think that Microsoft has a lot of secret sauce that it needs to keep hidden and using an open source OS like any of the modern BSDs will force it to reveal its hand. This is a myth because the BSDs are distributed under a very permissive BSD license, which basically allows you to do whatever you want with it, including building proprietary software out of it.

    In fact, Apple again has shown how to do it. Apple has plenty of secret sauces that Microsoft is still failing to copy successfully. Apple has built them all on top of BSD and does not need to share it with the world if it does not want to. It all comes down to the terms of the BSD license. It is more commercial friendly than say, the GPL that is used by Linux. That’s why I’m suggesting BSD instead of Linux Windows.

  3. Technical Superiority
    This is another laughable excuse. While many people are heralding the technical superiority of Windows 7, please remember that they are comparing it against Vista, not any of the Unices. While they herald the resource savings of Windows 7, please remember that a full-fledged BSD install with graphical user interface can fit inside 128Mb of hard disk space or less, using even less memory. While users try to fight off the ‘infection of the day’ on Windows, the Unix people are free to do something useful with their time instead.

So, I sometimes wonder why Microsoft still wants to go it alone and re-design their OS from the ground up so many times and still fail to get it right. Their track record has shown that they just cannot write quality software. Since there is already a proven 40 year-old OS out there for the taking, it is really stupid not to just customise it and use it.

The other day, a friend of mine tried out Linux for the first time and asked me what anti-virus he needed to install. He did not quite believe me when I told him that there was no such thing. Those that are written for Linux, such as ClamAV and F-Prot, are actually designed to kill Windows viruses, not Linux ones. Seriously. You do not know what it is like to live in a virus free world until you have entered the world of Unix. It is totally refreshing and fun.

Microsoft should seriously consider doing an Apple. It will end up doing the whole world a favour by introducing ‘safe computing’ to the masses instead of introducing new infections with every new version of Windows.

Virtual Jurisdiction


A random thought occurred to me while I was taking my morning shower. The thought wandered towards criminal activities and how the disconnect between technology and law can be used to the advantage of the criminals.

While encryption is a powerful tool that can be used, as the little comic above shows, it is easiest to compel the criminal to surrender the password or keys to decrypt the information. However, there is another bit of technology that will come in useful: virtual machines.

As the name suggests, a VM is a software implementation of hardware. It fakes software into thinking that it is running on real hardware. Simply put, it allows a virtual computer to run inside a real computer.

To the end user, a VM can behave just like the real thing. In fact, an entire industry has sprouted up in selling ‘virtual servers’ for people who wish to have their own servers. It is a cost saving measure as several virtual servers can share an actual server.

Now, the thing is a virtual server is just like any other software. In fact, Xen advertises the fact that they have live migration capabilities – the ability to transfer a running virtual machine from one real machine to another, via the network.

This means that a criminal should do all of their illicit work in a VM. Then, when the law comes knocking, they can just transmit the VM to a machine located elsewhere. If the machine is located in an unfriendly foreign country, this will frustrate any attempt to retrieve vital evidence from the VM.

However, the authorities can still compel the criminal to transfer the VM back into the host country. C’est tres interessant, n’est pas?

Neighbourhood Networks

In a recent blog entry on Education Malaysia, Ong Kian Ming mentioned setting up a neighbourhood network (NN) so that kids would be able to play multi-player computer games at home and they would not need to hike off to the seedy cyber-cafes (CC) for their regular fix of group fun. However, it dawned on me that this NN is an excellent idea.

Disclaimer
The kind of network that I am describing can be seen as a form of wireless mesh network. Incidentally, the OMRP, which is an open hardware/software platform for implementing wireless mesh networks, uses my aeMB processor at its core. However, none of what I have to say is processor dependent.

Installation
It is extremely easy to set up an NN today. Gone are the days when cables had to be laid from point to point. Today, we can just do the entire thing with WiFi. If every family buys a wireless router and sets up a home zone, all these zones can be combined together to form a blanket network. This can be achieved using something called the Wireless Distribution System (WDS), which is present on almost all modern routers.

Applications
There are some very obvious applications with the NN.

It would now be fantastically free to call up your neighbours on voice-over-IP (VoIP) technology. There is no need to use any phones to ring up your neighbour. Furthermore, you don’t need to limit yourself to just streaming voice, but you can also stream video over the network. So, it would be easier than ever to bug your neighbours. Of course, there are many other more creative pursuits that one can pursue using this technology.

With a network communications infrastructure in place, it would be trivial to install various IP-security devices. There is a lot of interesting work being done in the field of sensor networks, which generally employ a large number of simplistic sensor devices to produce all kinds of telemetry data that can be analysed for any number of applications. This brings the neighbourhood watch to a whole new level.

Issues
There are some legal issues to deal with, especially if the NN shares multiple Internet connections. The NN can combine and aggregate these multiple connections into a single large pipe. However, ISPs often have legal restrictions in place on the freedoms of end-users to ‘share’ their connections. Obviously, if a resident does something illegal on-line, it creates a whole host of legal issues as well.

Anyway, this sounds like a great idea to me. Maybe, instead of rolling out a state-wide WiFi infrastructure, our local governments should actually focus their resources at setting up and linking a number of neighbourhood networks. The people can help fund the project by supplying part of the equipment while the government takes care of the pipes linking the disparate networks and the Internet.

Buying a Helicopter Car

Let us not test the Eurocopter!

I find this article from TheStar particularly funny. The article says that, “there is no need to conduct a physical evaluation test on the Eurocopter EC-725 Cougar helicopter prior to purchasing it because the Royal Malaysian Air Force has the helicopter’s technical data and documentation.”

As you all know, I have been going car shopping recently. I have already placed a booking fee for the car pictured above. Well, not exactly the car pictured above as I went for the brown silver instead. Also, I told them to get rid of some of the ah beng body work on it. Hopefully, I will be taking delivery of the car in a couple of weeks.

I had been holding on to the sales and specification brochures given to me by the sales people. I spent the last week studying it in detail and researching what the different things mentioned in the brochures actually mean. I have also been checking out online forums and reviews of the car to see if there were any major shortcomings for the car.

Then, after considering the quality/price, I made a preliminary decision to get this car. However, I still insisted on actually test driving it before making my final decision. So, I called up the nearest showroom and got them to send me a manual transmission (autos take the pleasure out of driving) model for testing. I took the car out for a little test drive around my housing area.

During the test drive, the sales person kept talking about the virtues of the car while I kept talking about the bad points (to try to drive the price down a little). In the end, I found the handling of the car to be a pleasure to drive and I could feel the latent power lying in the engine. I intend to do a further inspection in order to ensure that there are no defects before taking delivery.

So, I think that I did more due diligence into buying this car than our Ministry of Defence did for buying RM1.6 billion worth of Eurocopters. I kind of shiver at the idea of placing our national security in the hands of these paper soldiers. Now, I truly wonder if we actually tested to see if the submarines we’ve purchased could sail through the Straits of Malacca.

I guess that the opposition government are finally getting on with their job of checking the government. I guess that they have given up on the notion of wresting control of power from the ruling government. They should just focus on doing a good job of being a strong opposition and take the next 4 years as an opportunity to learn about the intricacies of government.

International Silly Antics

It seems that the show is starting…

RPK has just been arrested under the Internal Security Act, today. He obviously knew that it was coming and he has been well prepared for it. Whether or not it was right to detain him under the ISA is another question altogether. Some will think that the government has abused its powers while others may think that it was justified. We can argue about this till the cows come home and it won’t change a thing. Personally, I am not really sorry for him as he is well aware of the consequences of his action.

The person that I’m feeling sorry for is the reporter from SinChew who reported on the idiotic remarks made by one specific UMNO politician from Penang. All that Tan Hoon Cheng did was to do her job, which is to report incidents as they happened. Nobody has come out to deny the reports. In fact, the person who uttered the remarks has since admitted to doing what was reported.

So, it is really funny when the person who uttered the racist remarks, is still free while the reporter who merely reported the issue, is now under indefinite detention in Kamunting. I think that the government is doing her a big favour. Her future is now secured.

Since she is from Penang, all she would need to do is to run under a DAP ticket for either a state seat or a parliamentary seat. ISA detainees are not criminals and have the right to run for office. Then, even if she is still languishing away in Kamunting, she will need to be paid a salary as a politician. If she stays long enough in ISA and wins for two terms, she will then qualify for a full government pension.

And the latest news is that Teresa Kok, the MP who won with the largest majority in parliament of 36,600 is now under ISA detention as well. I cannot possibly imagine how much her majority is going to be in the next general election. They should have a new category in the Malaysian Guinness Book of Records for her. I think that her majority in the next GE is going to be enough to form a small town by itself, probably in the 50,000 range.

This is a live action comedy in the making. I should go get some popcorn and sit and watch.

Airport Drama

I successfully made it home in one piece, although there were several interesting things that happened along the way. I think that this is probably the most eventful flight that I had ever been on. So, I thought that I’d share a few of the things that had happened on that fateful day.

It all started with the coach ride to the airport. When we left Stansted, the coach driver informed us that all reports indicate that the traffic situation was fine and we should arrive at Heathrow by 7pm, which gave me 3 whole hours to get myself checked in, have a light dinner and then fly off home. However, fortune was not as kind and it rained heavily causing the M25 to jam up. Therefore, by the time the coach arrived at Heathrow, it was already well past 8pm.

So, I quickly rushed to the check in counter and had my luggage weighed. I was really unfortunate and got an extremely unhelpful person at the check in counter. He even asked that I weigh my hand luggage and he added all that to the total combined weight. This resulted in an additional 20kg and I had to go to the service counter at the other end of the terminal to check the price. When I was told that my excess luggage would cost almost £900, I balked. That was the price of two whole tickets!

I was hungry, tired, late and now this. So, I decided to dump all my clothes. I sat in the middle of the terminal and started tossing almost everything out except for my suit. I thought that for RM7,000 I could easily afford an entirely new wardrobe of clothes. So, I tossed everything out including the few nice barong shirts that I had. This got my weight reduced by about 7kg but it was still too heavy.

But I met the same unreasonable counter staff again. He told me that I was still over by 10kg but that I would have to pay 15kg of excess. I could not understand this logic and called his supervisor over to discuss this with. After some reasoning, the supervisor decided to raise my baggage allowance and only charge me for an extra 5kg, which came up to about £200. This I gladly paid as I could possibly get it reimbursed by my sponsor later.

After checking into the flight, I decided to go back to the place where I tossed my clothes to collect them and properly dispose of them. But by the time that I got there, the place had already been thoroughly cleared. I guess that passengers tossing their clothes must be a very common thing and the efficient airport staff had already disposed of it on my behalf. So, I went through security and got on my way.

While in the departure hall, an elderly Malay man came over to sit with me. So, I struck up a conversation with him which invariably led to the talk of Malaysian politics, which is quite interesting at the moment. But I noticed several people staring at me with an evil eye when I was chatting with the elderly chap. Then, I finally asked him what he did for a living and he told me that he was the MP for Bukit Gantang, one of our opposition politicians. He promised me that they would seize power by September 16 and I reminded him that it has to be done legally.

Then, as I boarded the plane, I ended up sitting next to a young girl that looked extremely familiar. So, I asked her if she was a Part II engineering student at Cambridge and she said that she was. So, I asked her what she was doing going to Malaysia and she said that she was going home. This kind of shocked me as I didn’t ever realise that she was Malaysian. I can chalk this up as another random Malaysian whom I know, that no one else knows. So, at the very least, I had someone else to talk to during the flight and it wasn’t as dull or boring a 12 hours as I thought it would be.

So, anyway, I’m back!

Enemy of the State

I love Battlestar Galactica. It has, once again, taught me something useful in life. According to an article in TheStar:

The armed forces will be called in to assist police in maintaining public order if the security situation of the country warrants it.

In light of this comment, I am reminded of the following quote by Commander Adama:

There’s a reason we separate military and the police: one fights the enemy of the state, the other serves and protects the people. When the military becomes both, then the enemies of the state tend to become the people.

I do not want to see the military in our streets. If that ever happens, we are just one step away from Zimbabwe.

Ball Crashers

I have found out that I am living in the same house as a few ball crashers! I have asked them about their adventures and it all sounds fairly exciting and interesting. This is May Week and there are so many Balls being held at the different colleges. So, it’s the busiest week in the year for the ball crashers.

The first interesting thing that I found out is that there are many groups of ball crashers working during this time of the year. There are some famous crashers that my friends have called the professionals. They are the people who go about crashing as many balls as possible and have all the necessary information to do so.

Information: that is the most important thing that one needs to crash a ball. I was surprised to find that there are so many back doors into a ball and that this information was passed down from one generation of ball crashers onto the next. My friends had passed on some information to what they called noob crashers. You can always identify the noob crashers by the fact that they’re dressed in white.

Another tip that my friends told me was not to crash a ball with girls in tow. I can imagine how it might be difficult for a young lady in a beautiful ball dress to climb over the walls and fences necessary to infiltrate a party. It may also involve trudging through the bushes and trees in order to avoid the ever vigilant guards who are working security on the grounds.

And the guards can get rather sneaky at times. My friends told me that they met a guard last night, who actually turned off his torchlight and tried to catch them in the dark. It was only when they heard the sound of someone moving through the bushes and decided to retreat, that the light came out. Then, my friends ran away as quick as they could.

The only punishment for getting caught crashing a ball is a quick escort off the grounds. This makes the punishment £0 and the pay off potentially worth more than £100 per ball. It is no wonder that the ball crashers actually bother to try. It is a challenge with no risk and a decent pay off of more than £1,000 if they crash as many balls as possible successfully. However, there is a possibility of injury. A friend of mine hurt himself last year, as he was trying to escape from a guard. While running through the bushes, he tripped and fell. As a result, he hurt his leg.

I actually gave my mates a few ideas to crash a ball and they may try it tonight. I even told them that they should actually formalise this activity, have an underground ball crashers society or something. Information is the most important commodity when trying to infiltrate security. Inside information would be even more valuable. If you have a few friends who are on ball committees, the information gleaned there could be invaluable.

My friends said that the knowledge pool is a two-edged sword since the people working security could also use the information to plug the holes. My argument is that this is good. It is just a process of evolution which will result in the ultimate ball crashing strategy coming on top. You will end up seeing more elaborate schemes being hatched to defeat an ever improving security.

Exciting.

PS: According to my friends, Google maps comes in really handy when you need to scout out the location.

Production Reproduction

My favourite humanities professor, who taught me cultural anthropology, used to say this often. He said that the history of Man, is entirely about production and reproduction. If you look at the way we often look at history, his statement is rather true. History was essentially about lineage and what great people did. Hence, the two words. This random memory popped into my head when I read this article in the Beebs.

A local council employee in Japan has been punished after it was discovered he had accessed porn websites at work more than 780,000 times in nine months.

Shock! Horror! How could anyone possibly surf for porn at the rate of 20 pages per minute?! The dude must have been neither productive at work, nor reproductive at home. Granted, I’ve recently learnt of how progressive the Japanese are at sex but this is just a bit too much. I cannot even begin to put my shock and horror into words. The fact that he was 57 years old, shocked me even more.

He only got discovered after he caught an infection from a visit to a porn site. His computer caught a virus, which alerted the tech people in his office, who then investigated the source of the infection and discovered his habits. If you read this paragraph again, it’s kind of funny how, someone can catch something by visiting a porn site. It’s kind of ironic.

Well, I know that some people do regularly surf porn in the office, because of the high speed connections that companies usually have. I’ve personally seen it happen at a place that I’ve worked at before. Some companies institute certain policies on what their networks can and cannot be used for. Most companies aren’t tech savvy enough to have such policies on paper. Regardless, it’s not always easy to police these policies.

The only way to do it would be to adopt a “default deny” security policy, which means denying access to every website unless it’s on an approved whitelist. But this will hamper the productivity of workers who are surfing genuinely work related websites. As a result, most companies adopt a “default allow” security policy, and only block access to certain time wasters like facebook and youtube. But it’s obviously impossible to catch everything like this.
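The trade-off between the two policies can be seen by running both over the same requests. This is an added example, not part of the original post; the `example.*` hosts, the request list and the function names are constructed for illustration, and only facebook and youtube come from the text.

```python
from urllib.parse import urlsplit

# Time wasters named in the post (blocked under "default allow").
BLOCKLIST = {"facebook.com", "youtube.com"}
# Constructed list of approved sites (permitted under "default deny").
ALLOWLIST = {"intranet.example.com", "docs.example.org"}

# Constructed sample of proxy requests: (url, is_work_related).
REQUESTS = [
    ("https://intranet.example.com/timesheet", True),
    ("https://docs.example.org/api/reference", True),
    ("https://supplier.example.net/quote?id=7", True),   # genuine work site nobody approved yet
    ("https://www.facebook.com/home", False),
    ("https://m.youtube.com/watch", False),
    ("https://videos.example.net/clip/42", False),       # time waster on no list
    ("https://facebook.com.example.net/login", False),   # look-alike host, not facebook.com
]


def host_of(url):
    """Lower-cased host name of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").rstrip(".")


def in_list(host, domains):
    """True if host is a listed domain or a subdomain of one.

    Matching on the '.' label boundary keeps 'facebook.com.example.net'
    from being treated as 'facebook.com'.
    """
    return any(host == d or host.endswith("." + d) for d in domains)


def default_allow(url, blocklist=BLOCKLIST):
    """Permit everything except hosts on the blocklist."""
    return not in_list(host_of(url), blocklist)


def default_deny(url, allowlist=ALLOWLIST):
    """Permit nothing except hosts on the allowlist."""
    host = host_of(url)
    return bool(host) and in_list(host, allowlist)


def compare(requests=REQUESTS):
    """Collect the mistakes each policy makes on the sample."""
    report = {"allow_missed": [], "deny_missed": [], "deny_blocked_work": []}
    for url, is_work in requests:
        host = host_of(url)
        if not is_work and default_allow(url):
            report["allow_missed"].append(host)        # slipped past the blocklist
        if not is_work and default_deny(url):
            report["deny_missed"].append(host)         # slipped past the allowlist
        if is_work and not default_deny(url):
            report["deny_blocked_work"].append(host)   # productivity cost
    return report


if __name__ == "__main__":
    for name, hosts in compare().items():
        print(f"{name}: {hosts}")
```

On this sample the blocklist lets two unlisted hosts through, while the allowlist lets none through but blocks one genuine work site until someone approves it.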

What’s actually needed are Artificial Intelligence based network monitoring systems. Systems that can decide But these are still in their infancy and unfortunately, there has not been much progress in the field of AI for decades. But I digress.

So, in conclusion, I do think that there’s some truth in the belief that the adult industry is the largest one on the Internet. There’s just not been any conclusive study done on this matter. Maybe some economist should study this.

Information Insecurity

In light of recent developments in Malaysia, with the computers of certain prominent anti-establishment bloggers, consistently being confiscated for dubious investigative purposes, I thought that it might be a suitable time to write a little about information security. The whole idea behind information security isn’t to foil justice, but to make sure that the rights of people are not infringed.

With harddisk sizes going into the Terabyte range, there are lots of things stored on a person’s personal computer, including personal information that nobody has any right to access. Sometimes, these confiscated computers are subject to random checks in the hope of finding something, anything, that can be used to entrap the owner. So, let’s start with the basics.

Email Security
Although the technology has been around for more than a decade, I’m surprised that most people do not know about it, much less use it. Email is transmitted in the clear. So, anything that is said through an email can be easily intercepted and read by others. The only way to protect the content of email messages is through the use of public key (PKI) cryptography.

The most commonly used software is PGP or if you want an open source version, GnuPG (GPG). Both of these programs integrate fairly well with all popular email programmes, whether it be Outlook, Thunderbird or Kmail. So, you wouldn’t even need to know any voodoo to get it to work. If you use a webmail programme, these tools also provide a regular text based mode, which can encrypt/decrypt plain text documents, which you can then cut-and-paste into the webmail client.

This software allows you to encrypt every email that you write, so that the only person who can read it is your intended recipient. So, I would urge everyone to install and learn how to use these tools. These tools should be used for all business communications as well, if you don’t want your competition eavesdropping on your sensitive communiques.

How PKI works is by exchanging public keys. A public key is a very large number that is represented in text, as a block of letters and digits between -----BEGIN PGP PUBLIC KEY BLOCK----- and -----END PGP PUBLIC KEY BLOCK----- lines. When you send me an email message, your private key and my public key are used to generate a secret key that is used to encrypt the message. When I receive it, I will be able to decode the email using my private key and your public key. So, at no time would either of us need to expose our private keys. All these things happen mathemagically.



Any eavesdropper would only end up reading a bunch of random letters and numbers (much like the contents of a public key block). As an additional step of protection, do not store your emails locally in an unencrypted form. Leave them encrypted and have your email programme decrypt them each time you wish to read them. All these steps add an additional layer of protection.

There are no known exploits that can easily defeat this scheme, at least not until computers can factorise extremely large numbers quickly enough, at which point, you just double the size of the encryption key and continue using it. The easiest way to steal a PKI protected email is to just haul you to court and force you to divulge its contents.
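The exchange described above, where the sender's private key and the recipient's public key give the same secret as the recipient's private key and the sender's public key, is a Diffie-Hellman key agreement. The sketch below is an added example, not code from the post or from PGP/GnuPG, which instead encrypt a random session key to the recipient's public key. The demonstration modulus, the function names and the HMAC-based cipher are assumptions chosen so that it runs on the Python standard library alone.

```python
import hashlib
import hmac
import secrets

# Demonstration group (an assumption of this example). 2**255 - 19 is prime,
# but it is far too small for finite-field Diffie-Hellman in real use.
P = 2**255 - 19
G = 2


def generate_keypair():
    """Return (private, public). Only the public half is ever sent."""
    private = secrets.randbelow(P - 3) + 2            # 2 <= private <= P - 2
    return private, pow(G, private, P)


def shared_key(my_private, their_public):
    """Mix my private key with the other side's public key into a 32-byte key."""
    if not 1 < their_public < P - 1:
        raise ValueError("public key out of range")
    secret = pow(their_public, my_private, P)
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def _subkey(key, label):
    # Separate keys for encryption and for the integrity tag.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode, standing in for a real cipher such as AES.
    blocks = [
        hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        for i in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def encrypt(key, plaintext):
    """Return nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key, message):
    """Check the tag first; raise ValueError on a wrong key or altered message."""
    if len(message) < 48:
        raise ValueError("message too short")
    nonce, body, tag = message[:16], message[16:-32], message[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


if __name__ == "__main__":
    sender_priv, sender_pub = generate_keypair()
    reader_priv, reader_pub = generate_keypair()
    # Only sender_pub and reader_pub cross the network.
    wire = encrypt(shared_key(sender_priv, reader_pub), b"constructed sample message")
    print(decrypt(shared_key(reader_priv, sender_pub), wire))
```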

Harddisk Security
It’s no use just protecting our communications channel if we do not protect our data storage as well. So, all harddisks, whether internal or external, should be encrypted. TrueCrypt is a tool that runs on all platforms, which allows on-the-fly-encryption (OTFE). OTFE essentially intercepts all access to the harddisk and encrypts anything being saved and decrypts anything being read, transparently.

So, if you ever lose your laptop due to carelessness, theft or legal confiscation, at the very least, your data is safely tucked away. Anyone who tries to access your data without the correct keys, will only end up reading a bunch of random gibberish again. So, all your private communications, photos and videos, will be protected under heavy lock and key.

However, there is one caveat to using OTFE encryption, which only applies if you’re traveling to the US. The government is legally allowed to make copies of your harddisk data at the border. If your computer is encrypted, they are also empowered to deny you entry or to confiscate your computer. So, it may not be a good idea to travel with encrypted data through US customs.

There is one currently known exploit to defeat this system, but it involves a lot of preplanning. The attacker would need to physically compromise your computer within minutes of it being shut down, and preserve the memory contents by freezing your memory module, as illustrated through the following video. The solution to this problem is to not leave your computer running, unattended. Given enough off-time, the following attack would not be plausible.