As you know, in the world of surveillance, we have lost our freedom, doesn’t matter what country you live in but as an American we have the fear of the NSA and big “GOV”.
Some of us for years have said they could do this and that, of course we have been labeled: tin foil hatters; paranoid schizos; libertarians and that’s far from the truth thanks to recent leaks in the past year. We’ve been right but the sad part is? I wish it wasn’t true. I’ve lost respect for these agencies that I always had the highest regards for, it’s like finding out your favorite superhero is a D.A.R.E. dropout who chain smokes, beats his ex-wife who’s locked in a storage container under 20 Ft. of concrete in an abandoned farm… To say the least, I am sad.
That being said, we as citizens of the Internet must not only fight against being spied upon but really just prevent attackers who want our data that will actually use our data immediately against us, opposed to sometime in the possible future. Which if you haven’t paid attention, I am betting you haven’t, SSL (Hint: The lock you’re supposed to see on “Secure checkout” from eBay, Microsoft, Amazon…?) is the process of pairing two communications together to share a set of data via a Packet. Ideally, if setup right (we’ve seen otherwise), that data transferred is supposed to be merely “IMPOSSIBLE” to MITM attack it or be stored on a server.
So what can you do besides beg these companies to upgrade? We’ll, Google is attempting to go in another direction but really we can do one thing right now that is FREE and available to ALL. It’s called DNSCrypt. This will help on the local level make sure the communications aren’t tampered or intercepted (on the local level at least).
How do you get started? I will assume you’re on Windows (other tutorials are coming and videos now on YouTube – TechMeShow), so download the free edition from the DNSCrypt Site. Now follow the below steps:
- Locate the download (Right-Click the ZIP file and go to Properties and click “Unblock”); Now Unzip the archive (somewhere you’ll never delete or remove).
- Open a Command Prompt (Windows Key + R, type cmd & press enter or OK). Now type cd and type the Path to where the files you unzipped are.
Hint: If you unzipped to Downloads (defaults to your Account on Win7-8), you’d type: cd Downloads/dnscrypt-proxy-win32-full-1.3.3\dnscrypt-proxy-win32-full\bin.
- Lets test the file, go forth and type dnscrypt-proxy.exe and press enter. If it shows “Proxying”, you’re good (see sample).
Setup Network Adapter
- Open a Folder or right-click your Ethernet/Wi-Fi Adapter in the bottom right near your clock.
- Navigate to Control Panel\Network and Internet\Network Connections.
- Find your Adapter, mine is Wi-Fi. Right-Click it and go to Properties.
- In the Protocols list, find “TCP/IPv4″ and click Properties.
- In the second option for DNS, click “Use the following DNS…”.
- First field, type 127.0.0.1 (can’t use periods, match each number with some box shown).
- Press Ok; Now press Close. You’re Done!
How do you know it worked? If you can visit .bit sites like http://okturtles.bit or .dns, you’re good to go. You can also tell by going into your command prompt, and type ipconfig/all and look at your DNS, it should be encrypted.
This is safety for yourselves, when you can’t trust must encryption or security.