Don't Miss It!!...from Covenant Kids

Don't Miss It!!

This time of year is extraordinarily busy - gift shopping, tree decorating, food cooking, family gathering, and finishing up end of the year projects.  We are inevitably tied to our phones and computers, not to mention the distraction of television, Internet and radio. Our lives can get very loud with the sound of work, school, church, appointments and life in general.  Sometimes things get so loud, in fact, that we miss listening to what is most important. We may miss our child asking for attention or comfort; we may miss our spouse asking for quality time or even out on a date; and we all too often miss the still quiet voice of our Savior, asking us to remember He is the reason for the celebration of the season. In a magazine article I read recently, one adoptive father recognized the busyness that deters his attention and affection from his precious daughter. Therefore, he and his daughter began what they call the daily "One Minute Hug". The father simply sits his daughter on the counter, sets the oven timer for one minute, and holds her for the entire minute.  He blocks out the cares of the world and this tells his daughter that for one full minute she is the most important thing in his life - no distractions. We may think just one minute sounds insignificant, but I wonder how many of us don't set aside any amount of undistracted, uninterrupted time to focus on our child. My challenge is that the one minute, once it becomes a habit, grows into two minutes, then three minutes and so on.  When this man's daughter is grown, this daughter can have these special one-minute memories.  Reading this father's article challenged me - have I had my one minute hug with my girls today? Have I taken the time to block out the world and focus wholehearted on each girl and their preciousness? Have I stopped to thank God for his wonderful gift of these children, and for this new day he has given me?  Taking this a step further, have I allowed God to embrace me in his powerful and strong hug today? We are, after all, his children. What an honor that the God of the universe desires to hold us in his embrace! Please don't be so busy that you miss all the really important things in your life. Stop the busyness, and intentionally slow down enough to bask in the wonder of Jesus and the family he has blessed you with today.

  

"Be still, and know that I am God; I will be exalted among the nations, I will be exalted in the earth." Psalm 46:10

Don't be a Petraeus...

Thought this article was interesting considering the way some of us perceive our government and its handling of our freedoms. 

How does this fit into your christian worldview? Feel free to comment below.

Don't be a Petraeus: A Tutorial on Anonymous Email Accounts

Contributed By: Electronic Frontier Foundation

Article by  Erik Bauman, Eva Galperin, Kurt Opsahl and Peter Eckersley
As the Senate Judiciary Committee considers reforming the decades-old federal email privacy law, the personal Inboxes and love lives of senior military and intelligence figures may be on that august body's mind.  When the FBI poured through the personal lives of CIA Director David Petraeus, Paula Broadwell, Jill Kelly and General John Allen, citizens across the land began to wonder how the FBI could get that kind of information, both legally and technically.
So, just how do you exchange messages with someone, without leaving discoverable records with your web-mail provider? This is an important practical skill, whether you need to use it to keep your love life private, to talk confidentially with a journalist, or because you're engaged in politics in a country where the authorities use law enforcement and surveillance methods against you.
The current state of anonymous communication tools is not perfect, but there here are some steps that, if followed rigorously, might have protected the Director of the CIA, the Commander, U.S. Forces Afghanistan, and their friends against such effortless intrusion into their private affairs.
Pseudonymous web-mail with Tor
According to press reports, Broadwell and Petraeus used pseudonymous web-mail accounts to talk to each other. That was a prudent first step, but it was ineffectual once the government examined Google's logs to find the IP address that Broadwell was using to log into her pseudonymous account, and then checked to see what other, non-pseudonymous, accounts had been used from the same IP address. Under current US law, much of this information receives inadequate protection, and could be obtained from a web-mail provider by the FBI without even requiring a warrant.
Because webmail providers like Google choose to keep extremely extensive logs1, protecting your pseudonymous webmail against this kind of de-anonymization attack requires forethought and discipline.
You should use the Tor Browser Bundle when setting up and accessing your web-mail account. You must always use Tor. If you mess up just once and log into the pseudonymous account from your real IP address, chances are that your web-mail provider will keep linkable records about you forever. You will also need to ensure that you do not give your web-mail provider any information that is linked to your real world identity. For instance, if prompted for an email account, do not use another real account during signup; use a throwaway address instead.
Download the Tor Browser Bundle
To use Tor, start by downloading the Tor Browser Bundle by going to Tor Download page: https://www.torproject.org/download/download-easy.html.en, shown in the screenshot below, and click on the Download button for the  appropriate browser bundle for your operating system. The screenshot below shows the Tor Browser Bundle for Windows.

The Tor Browser Bundle is a zip self-extracting archive. Click "extract" to extract the files from the archive.

To start the Tor Browser in Windows, go to Local Disk-->Program Files-->Tor Browser and double click on "Start Tor Browser," shown in the screenshot below:

When the Tor Browser launches, it will automatically test itself to see if Tor is working correctly. If Tor is correctly anonymizing your traffic, it will display a message saying, "Congratulations. Your browser is configured to use Tor." It will also display the IP address that your traffic appears to be coming from. This is the IP address your web-mail provider will see when you go to set up your web-mail account. 

Set Up A Web-mail Account
Now that you have your Tor Browser up and running, use it to set up a new web-mail account, ideally with a provider that you do not otherwise use. Using a separate web-mail provider will help you to distinguish between your anonymous account and your regular email account. Hushmail allows users to set up new web-mail accounts while using Tor to protect their anonymity, which is why we are using it in this tutorial. Note that Hushmail has a checkered history, but it is the only web-mail service we are aware of that allows the use of Tor in this way--something we'd like to see changed.  Google tries to prevent people from signing up for Gmail accounts pseudonymously, and alternatives like Yahoo! Mail are missing HTTPS protection. Without both HTTPS and Tor at the time of creation and use, your account is not truly anonymous.  As an added precaution, you may want to use public wifi at an Internet cafe or a library whenever you connect.
To set up your Hushmail account, go to https://www.hushmail.com/start, shown in the screenshot below, and click the "Try Hushmail" button, which will allow you to set up a free Hushmail account.

Fill in the form shown in the screenshot below. Remember to choose a strong password. You must also check a box acknowledging that Hushmail will cooperate fully with authorities pursuing evidence via valid legal channels. This means that, given a proper court order, Hushmail may give up metadata about your messages--the IP addresses you've been logging in from (luckily you use Tor every single time), the times you've logged into your web-mail, and the email addresses of the people with whom you've been corresponding. Hushmail may even give up the contents of your messages to law enforcement, and has in the past as we note above, which is why you want to make sure that your messages never contain any information that may give your identity away if you wish to remain anonymous. If you are concerned about law enforcement obtaining the contents of your emails from Hushmail, you should encrypt your email correspondence using OpenPGP.

When you send messages via Hushmail, beware the "Ecrypt" checkbox, shown in the screenshot below. This is not end-to-end encryption like PGP. Hushmail will still have access to the plaintext of your email messages. This means that you are not safe from de-anonymization via the clues you type into your pseudonymous emails.

Using End-to-End Encryption With Your Pseudonymous Email Account
Setting up pseudonymous PGP/GPG in Hushmail is an complicated task that lies outside the scope of this tutorial. You are unlikely to do it safely unless you are quite technically sophisticated, and any mistakes could break the pseudonymity of your account. If you do want to attempt to do this, here are some considerations to bear in mind:

• You will need to make a new key just for your pseudonymous account and the other pseudonymous people you want to talk to will need to do the same
• You will need to figure out a way to exchange public key fingerprints with them. Your Hushmail accounts are probably good enough for this.
• You will need to make sure that all of the software you use to handle the key (intentionally or unintentionally) is always Torified
• If you use PGP normally for non-pseudonymous purposes, you will need to make sure that no PGP software uses or produces evidence of one key in the context of your other identity.

Conclusion
Anonymous online communication is a valuable tool for journalists, whistle-blowers, dissidents, and Directors of the CIA. As you can see, it is still quite hard to do and do well, and few people will have the discipline necessary to ensure that their web-mail provider can never disclose their IP address or inter-account linkages, because the provider will never see the identifying information in the first place.  Technologists all over the world are hard at work, improving the usability of all sorts of anonymous online communications tools, and we look forward to the day when all people who need to exercise their freedom of expression can do so safely, simply, and anonymously.

1. Google keeps logs of IP addresses for 18 months, after which they keep logs of three-quarters of the IP address. Three-quarters of an IP address may be still enough to breach your pseudonymity in the case of an FBI investigation.

Cross-posted from Electronic Frontier Foundation