Category Archives: Jitsi

Download a PDF version of this article.

By: Shane Radliff

May 25, 2015

Jitsi is an open source platform similar to Skype and handles messaging, audio calls, and video calls. In addition to that, Jitsi comes stock with Off the Record (OTR) and Zimmerman Real Time Protocol (ZRTP) to provide secure communications.

OTR is the program used to encrypt messaging, while ZRTP is what encrypts VoIP (Voice over Internet Protocol) calls.

Since Jitsi comes stock with OTR and ZRTP, the install is quite simple; but to ensure simplicity and accuracy, I have decided to do a tutorial for the configuration and use of Jitsi on a Windows OS.

Note: I dont think the set-up for Windows vs. Mac is much different, so its possible you could use this for Mac OS too.

Downloading Jitsi and Setting up the XMPP Server

1. The first step is to download Jitsi.

2. While youre waiting for Jitsi to download, youll need to set-up an XMPP server. Head over to DuckDuckGo and sign-up. Note: make sure to remember your email (xxxx@dukgo.com) and password as you will need that to log-in.

3. After you have set-up your XMPP server through DuckDuckGo, youll need to open Jitsi.

4. Once Jitsi is open, youll click File and then Add New Account. It will give you a few options but youll want to login through the XMPP Server option (near the bottom of the list). Youll use the log-in information that you signed up with on DuckDuckGo. Note: the email will be something like: xxxx@dukgo.com.

Setting up Off the Record (OTR)

5. Next, find a buddy and add them. Youll do this by selecting the File dropdown and clicking the Add contact button.

6. Once you two are friends, youll need to highlight their name and click the message icon to start a conversation. Next, youll click the lock in the top right of the chat box. A dialogue should appear that states: John Doe is contacting you from an unrecognized computer. You should authenticate Youll then click the hyperlink to authenticate your buddy.

7. Once you click the link, a new window will appear. It will show your fingerprint and also the purported fingerprint of your buddy. At this point, you will have to use a separate channel to authenticate. That can be done by a VoIP call, phone call, or in person. Youll read your fingerprint and then your buddy will read theirs. If they match, then you will click Authenticate Buddy.

8.After you click Authenticate Buddy, check the chat window and make sure the lock is green and has no further warning messages. If its green, youre now using Off the Record encryption in your messages with the buddy you verified. Note: keep in mind, youll have to do it separately for everyone you chat with, but you will only have to do it once for each.

Setting up Zimmerman Real Time Protocol (ZRTP)

9. Highlight your friends name and click either the audio or video call button. It will take a few seconds for it to connect and then it should start ringing.

10.At that point, you will see a button in the middle of the call window that says connected with an unlatched lock. That is indicating that ZRTP is not connected.

11. After a few seconds, there will be window that opens up at the bottom of the call window.

12. At this point, the call is still not secure, and you will need to verify the key with your friend as an additional security measure. If the codes match, then you will click confirm and close out of that window. ZRTP should be connected and you can verify that by making sure the lock is now closed and green.

If you made it through all the steps and followed the instructions, you should have Jitsi, ZRTP, and OTR configured. If not, and youre having some problems or technical difficulties, please take a look at these two videos and they should be able to answer any questions. Alternatively, view the tutorial made by the Pillow Fortress blog by clicking here.

If for some reason those do not work, please email me or call me at 309-533-7857 and I will assist you with getting it configured properly.

Youve just taken a great step in ensuring private communications and have also began implementing a security culture.

I would further recommend encrypting your email as well. A colleague put together a great tutorial on setting up Pretty Good Privacy (PGP), which you can find here.

Lastly, if you feel like there is something missing in the tutorial or that something needs to be explained better, please let me know. This will be updated as needed when I get feedback.

Shane is the founder of Liberty Under Attack Radio, The Vonu Podcast, and LUA Publications, an independent publishing company. He has been a guest on many podcasts and radio shows and his work has appeared on sites all over the alternative media. When he's not producing content (which isn't often), he enjoys riding four wheelers, reading, and drumming.

See the original post here:
How to Configure and Set-Up Jitsi - Liberty Under Attack

How to join Jitsi Meet video conferences over the Web

If you do not already know what Jitsi Meet is, here is the official homepage. Jitsi Meet allows you to create and join video calls over the Web (even as a simple viewer). Some of its features are: encrypted by default, no account needed, invite by pretty URL https://mysite.com/myroom

Thanks to UV4L it is possible to create or join an existing room and broadcast live video and audio to all the participants or viewers in the room from a camera and a microphone connected to the Raspberry Pi. Its also possible to automatically hear and see other participants if you have speakers and display (HDMI, touchscreen, etc) connected to the Raspberry Pi. Of course, other participants can be other Raspberry Pis. The great news is that you do not need any browser installed on the Raspberry Pi to do this.

Its necessary to install the required packages before proceeding: uv4l, uv4l-server, uv4l-webrtc, uv4l-xmpp-bridge and one video driver (e.g. uv4l-raspicam, uv4l-uvc, etc). Please refer to these installation instructions for more details.

To start and stop streaming to a particular Jitsi Meet server (called videobridge), its enough to invoke the corresponding commands by means of the UV4L Streaming Server installed on the Raspberry Pi. This can be done in two ways.

The first convenient way is through a browser by using the Jitsi Meet control page available at the URL the Streaming Server itself is listening to (e.g. http://myraspberrypi:8080), from which its possible to specify all the mandatory informations (i.e. XMPP and/or BOSH signalling server, chat room, your username and password) required to establish a connection and to click on start/stop buttons in order to join or leave the specified room respectively.

The second way is to invoke the start/stop commands via HTTP/GET requests sent to the Streaming Server from command line. For example, to start streaming to the videobridge which is at the base of the official, free-access Jitsi Meet service at meet.jit.si, type (in one line):

where raspberrypi will have to be replaced with the real hostname of your Raspberry Pi in your network (it can be localhost if you are executing the command from within your Raspberry Pi) and port will have to be replaced with the real port number the Streaming Server is listening to (8080 is the default). The above command will make the Raspberry Pi create or join a conference at http://meet.jit.si/testroom.

If the UV4L Streaming Server is providing HTTPS instead of HTTP, be careful to specify https://[] in the URL. You may also desire to add the insecure option to curl to turn off the verification of the servers certificate (see the curl manual for more details).

Please note the parameters in the URL that you are allowed to specify:

server (XMPP server hostname or ip address) port (port the XMPP server is listening to) muc (multiuser chat domain) room (desired room you want to join or create) room_password (room password, if the room is protected) username (desired username in the chat room) password (password if the server is password protected) reconnect (try to reconnect after disconnection) bosh_enable (1 if you want to use BOSH signalling, 0 otherwise) bosh_server (usually HTTP(S) server hostname for BOSH) bosh_tls (1 for HTTPS, 0 otherwise) bosh_port (typically 443 for HTTPS, 80 for HTTP) bosh_hostname (connection manager hostname, typically the same as bosh_server) action (Start or Stop streaming)

All the above settings can be optionally specified once for all in the UV4L configuration file (except action) (see the uv4l-server manual for more details).

Similarly, to stop streaming:

If you are protecting the UV4L Streaming Server with a password, then the above URL will not work. In this case, you must specify user and password in the URL as in the below example:

Go here to read the rest:
Jitsi Meet (advanced) Projects

Global Voices Online

Diaspora* and Other Free Software Are Available in the Occitan Language, Thanks to Volunteer Translators Global Voices Online Quentin Pags, who speaks the Lengadocian dialect on which Standard Occitan is based, is one of the members of the translation team and also collaborated on the Occitan translations of other platforms, such as Jitsi Meet, Wallabag, Framadate and ...

See the rest here:
Diaspora* and Other Free Software Are Available in the Occitan Language, Thanks to Volunteer Translators - Global Voices Online

This is not an easy time for journalists all over the world, with the discoveries of surveillance on citizens, which includes journalists and their sources.

The old-fashioned promises Im not going to reveal my sources identity or give up my notes are kind of empty if youre not taking steps to protect your information digitally, says Barton Gellman of the Washington Post, whose source, former NSA contractor Edward Snowden, helped uncover the scope of the NSAs and British GCHQs operations.

Senior journalist Michael Dagan believes that it is possible to make it difficult for anyone to intercept your emails, the text messages youre sending or your phone calls, using a range of methods.

He has written a guide to his colleagues all over the world, which can help them protect their work and fulfil their mission.

Here are some of his tips to ensure that a journalists sources and data are secure and well. Access to the full guide is at the link below.

1. Beware of big names:Presume that large companies encryption systems and possibly even big name operating systems (proprietary software) have back doors that secret services in their country of origin (at least in the US and the UK) can access.

2. Always encrypt everything:Security experts use simple math to make their point: as you raise the cost of decrypting your files (say, for intelligence agencies like the NSA), you automatically increase the degree of effort expended on following you. If youre not Chelsea Manning, Julian Assange, or Edward Snowden and if you werent involved in active surveillance around Trump Tower apartments, they may give up the effort even if your encrypted communications were stored. And should anyone decide to track you despite your efforts, it will be more of a headache if you use strong encryption like AES (Advanced Encryption Standard) and tools like PGP or open VPN, which are the strongest widely available encryption methods (VPNs are used by the US government itself). But if you want bullet-proof security, you will need more than the AES encryption method. P.S. if you want to discover the year your information landed at the NSAs hands, just have a peekhere.

3. Perform full disk encryption:This is done just in case someone gets their hands on your computer or phone. Full disk encryption can be done usingFileVault,VeraCryptorBitLocker. Putting a computer to Sleep (instead of Shutdown or Hibernate) may allow an attacker to bypass this defense. Here,Mika Leegives a complete guide for encrypting your laptop.

4. Avoid chatting with sources on the phone:All phone companies store data related to the caller and the receivers numbers, as well as the location of the devices at the time calls were made. In the US and several other countries, theyre required by law to disclose information on registered calls in their possession. What can be done? You should use a secure call service, such as the one the Signal app which was tested repeatedly for security possesses. Although this may mean that both the source and the editor need to download the appas well, the process takes just a few minutes. Here is aguideon how to use it. Just for the hang of it, check out how many of your non-journalist friends are hanging out there. However you choose to communicate with your source, do not bring your mobile phone to sensitive meetings. Buy a disposable device and find a way to convey its number to the source in advance. The source needs to have a disposable safe device too. Authorities can track your movement through cellular network signals and its advised to make it harder on them to locate you retroactively in the exact same cafe where the source was sitting. If you fail to follow this rule, all local authorities will be required to do is ask (politely and legally) for the video filmed by the cafs security camera at the time of your meeting.

5. Choose secure messengers:your calls (cellular ones and via landlines) can be monitored by law enforcement agencies and each SMS is like a postcard all text is fully visible to those who may intercept it. Therefore, use Messengers that allow for secure end to end call: signal, which was already mentioned above, and Telegram are considered to be the safest (although Telegram as well as WhatsApps web apps were compromised once and then fixed). According to some experts, you can also consider using SMSSecure, Threema and even Whatsapp.The Signal Protocol has been actually implemented intoWhatsApp,Facebook Messenger, andGoogle Allo, making conversations using them encrypted. However, unlike Signal and WhatsApp, Google Allo and Facebook Messenger do not encrypt by default, nor notify users that conversations are unencrypted but offer end-to-end encryption in an optional mode. You should also keep in mind that Facebook messenger and WhatsApp are both owned by Facebook.Adium and Pidgin are the most popular Mac and Windows instant messaging clients that support the OTR (Off the Record) encryption protocol and Tor the webs best encrypted browser, which we will get to in detail later (See how to enable Tor in Adiumhereand in Pidginhere). Naturally, you could also use the Tor Messenger itself, which is probably the safest of them all.Two final notes on texting: A cyber security expert Ive discussed this with, says you should also have a working hypothesis that text is encrypted but the fact that these specific two individuals are talking, at this present time, might not go unnoticed.The second note is you should also remember to delete the messages in your phone (although this may not be enough to withstand a forensic check), just in case your device falls in the wrong hands, toavoid exposingthem.

6. Do not use organizational chats:Slack, Campfire, Skype and Google Hangouts should not be used for private conversations. They are easy to break in, and are exposed to disclosure requests for courts use, to resolve legal issues at the workplace. Therefore, its best to avoid them, not only when it comes to conversations with sources, but also conversations between colleagues, editors, etc., when you need to pass information received from your source, whose identity must be kept under cover. Many popular VoIP services like Jitsi have built-in chat features, and several of them are designed to offer most of Skypes features, which make them a great replacement.

7. In extreme cases, consider using aBlackphone:This phone, which strives to provide perfect protection for web surfing, calls, text messages and emails, is probably the best substitute for a regular phone if you are about to topple your government or getting ready to publish secret military files. An anti-bullet vest may also come in handy. Alternatively, try to do without a cell phone, Or opt for a cellular phone RFID signal-blocking bag. Theres always an option that even the Blackphone can be tracked using its IMEI (the mobile phones ID).

8. Protecting Data on your computer:Its very easy to break regular passwords, but it can take years to break passphrases i.e., random combinations of words. We recommend trying secure password management tools like: LastPass and 1Password and KeePassX. Youll need to remember only one password, versus too many Passwords. And still, when handling important services such as your email, do not rely on password managers: Just make sure you remember the password.In aninterviewto Alastair Reid in journalism.co.uk, Arjen Kamphuis, an information security expert, recommended that for encrypted hard drives, secure email, and unlocking laptops, one should choose a password of over 20 characters. Of course, the longer the password, the harder it is to crack but the harder it is to remember too. Thats why he recommends the use of a passphrase. It can be anything, like a line of your favorite poetry, Kamphuis says, maybe a line from something you wrote when you were nine that no one else will know about.Reid reports this thought provoking calculation, using theGibson Research Corporations password strength calculator: A password like F53r2GZlYT97uWB0DDQGZn3j2e, from a random password generator, seems very strong, and indeed it is, taking 1.29 hundred billion trillion centuries to exhaust all the combinations even when the software is making one hundred trillion guesses per second.

9. Two-factor authenticationis also a very good idea. In a regular two-stage authentication you sign in with your password and receive a second code, often via a text message to your smartphone. You can use Yubikey, as well as hardware tokens to further secure sensitive files on your computer. For more information, read the7 golden rules for password security.

10. Assign a computer for inspecting suspicious files/attachments:The easiest way to distribute malware and spyware is through installation via USB or through attachments and email links. It is recommended therefore you use one air-gapped computer to examine these threats under quarantine. With this computer, you can freely use a USB and download files from the Internet, but do not transfer the files to your regular computer or re-use that USB.

11. How to buy your own secured computer:Security expert Arjen Kamphuisrecommendspurchasing a pre-2009 IBM ThinkPad X60 or X61. These are the only modern enough laptops with modern software systems, which enable replacing low level software. Another point to take into account is that you should not buy your computer online, as it may be intercepted during delivery. Kamphuis recommends buying it from a second-hand store for cash. He also points out that you should abolish all connectivity: Remove all Ethernet, modem, Wi-Fi or Bluetooth capabilities. Personally, I know security experts who wouldnt trust such a computer.

12. Educating your Sources:Its possible that by the time the original and valuable information reaches you, its already too late. Your source may have made every possible mistake, leaving behind a trail of evidence. But beyond the need to secure the information once its in your hands, you should strive to teach your sources how to hide the information: store it securely and communicate safely via safe devices. Most people have no clue how to handle sensitive information, and in general what theyre up against the moment they get in touch with you.

13. Use a designated secure system for receiving documents:Replace Dropbox or Google Drive and use something less popular but more secure. For example,SecureDropis a designated system allowing you to receive files from anonymous sources and to safely scan and check them. Edward Snowden described Dropbox as hostile to privacy and recommendedSpideroakinstead. OnionShare is another free service that allows transferring files easily and anonymously.

14. Dont keep notes:neither on a laptop, nor calendars or contact lists on your cellphone or computer or in the cloud do not keep record of your sources name, initials, phone number, email or user name in messengers. Just dont.

15. Visual tracking:On the way to sensitive meetings, avoid using public transportation and guide your source to do the same. You should also avoid meeting places such as modern malls, where video cameras are spread all over the place.

16. Evading social media:Some people prefer to opt for radical anonymity. If for some reason, you need to vanish from the face of the earth without leaving a fully blown profile behind on every social media, totally delete your accounts. Its different from deactivating them, a state in which all your info is stored and can be re-activated.

17. Make friends among hackers:This will help you avoid big mistakes, save time and headaches and keep you up to date on the technological arms race.

18. Payment method:Pay for everything in cash, consider using Bitcoins buy them anonymously (use thisBusiness Insiderguide for that purpose) and, if you have somebody willing to accept them at the other end of the transaction, useDarkcoin. A pre-paid credit card from an online store is also an option.

19. Scribble wisely:If you jotted down information on a piece of paper, what they used to call a note in the Precambrian world, destroy it. And dont forget even that wrinkled one at the bottom of your pocket. Yes, right next to that gum.

You can see the eBook PDF-version of this guidehere.

See the rest here:
Online privacy guide for journalists - Radioinfo (subscription)

If youve built your small business into something substantial, youre likely still running it as asmall business. Thats both good and bad.

Its good in that you are preserving your personal touch. You probably have many customers who trust you personally, and who like that you still make 90% of the decisions.

Heres the bad.

If you are still operating like a small business in the sense that you are still touching nearly everything that needs to get done, you are both limiting your growth and robbing yourself of a well-deserved work life balance.

Now, its time to reward yourself and your stakeholders by taking things to the next level with the following productivity hacks and time management tips to help set you apart from the rest of the pack and increase your business growth.

#1 Build and document your Systems And processes

Without systems and Fortune 500 business processes to benefit your business, you wont be able to embrace the art of selling. Youll be way too overwhelmed.

Only a few activities will cause you more frustration in business than repeatedly spending your valuable time (and, by extension, money) undertaking a task or project that hasnt been properly documented. Yes, you may know what youre doing 9 times out of 10, but what happens when your business grows a bit more and you seek to delegate that task or project? Where is that document or image you need to attach every time? Where is that canned email response you always cut and paste? Where do you keep track of your prospecting outreach, automated social media posts, incoming vendor emails, contact info for potential clients and current clients, supply lists and ordering information?

Obviously, its crucial to have familiarity with your business systems and processes in order to identify your needs, plan strategically for the long term, and not lose your mind. Knowing your systems and processes intimately will give you a much needed sense of control, increase your productivity, and give you a heightened feeling of accomplishment. These psychological aspects of developing a system (or process) cannot be overstated.

They dramatically reduce stress. But more importantly, knowing and documenting those systems and processes is really where the money is at.

This podcast episode discusses key insights on how you can create systems to help maximize and focus your business efforts.

If you dont already have systems in place that youve mastered, thats okay. You can put a basic system or process in place for any task or project.

If you already have systems in place, all the better! And if youve written a training manual or internal document that details a process, you are truly a rock star!

The growth mindset was discovered by psychologist and Stanford professor Carol Dweck, Ph.D. who defines mindset as a self-perception (I am a great speaker; I am a bad dancer) that is either fixed or focused on growth.

Fixed mindsets perceive failure as inevitable, since they believe being good at something is defined by an inherent trait or ability. Essentially, they think that nothing can be effectively trained for or learned if someone isnt predisposed to the skill or knowledge. This mindset is naturally limiting, and arguably disastrous.

Conversely, those with a growth mindset believe that their most basic abilities can be developed through dedication and hard work brains and talent are just the starting point. This view creates a love of learning and a resilience that is essential for great accomplishment, writes Carol. In this way, language is huge when it comes to growth. On a personal (internal) level, what we tell ourselves has a defining impact on our performance and success.

Which is why the emerging field of positive psychology has become invested in increasing peoples productivity through the use of language motivators. For instance, saying to yourself I have to is far less motivating than saying I get to.

Its important to realize that fixed mindsets damage our ability to acquire new skills, and are scientifically proven to negatively affect our ability to succeed at personal relationships, professional success, and many other dimensions of life. In light of this, why would you ever embrace any mindset other than a growth mindset?

Developing a growth mindset is a surefire way to double your productivity and work toward sustainable business growth.

Even with all the alerts, pings, instant messaging apps, phone calls, texts, social media exchanges, and meetings, email inbox issues are still considered one of the most challenging of all business-related distractions.

So, its no surprise that email is hurting productivity in the workplace.

According to Jocelyn Glei, workers are:

In Gleis mind, our addiction to our email inbox really comes down to our desire to complete short tasks that will give us a completion-induced dopamine hit. This desire for a feel good reward pre-disposes us to repeat behaviors that are, at their very root, counterproductive.

The solution: understand your habit type.

Glei has found that there are two types of email openers, Reactors and Batchers. Reactors constantly move back-and-forth between emails and other tasks all day long. They are the switchers; the multitaskers (more on multitasking below). Batchers, on the other hand, deliberately limit the amount of daily time they spend checking emails.

Guess which type is better?

With all the research proving that multitasking is for dummies, its really no surprise that the people who check their emails in batches Batchers are significantly more productive, happy, and less stressed than their more reactive counterparts, the ill-fated Reactors.

Batchers are the true champions of email best practices and productivity in the workplace.

When multitasking, mental sharpness is measurably reduced.

Dr. Glenn Wilson, a psychiatrist at Kings College London University, conducted 80 clinical trials that monitored the IQ of workers throughout the day. Dr. Wilson found the IQ of those who tried to multitask fell by 10 points, which is equal to missing a whole nights sleep and more than double the 4 point fall seen after smoking marijuana.

The research suggests that we are in danger of being caught up in a 24-hour always on society,

David Smith, Head of Customer Support Americas at Hewlett Packard

Research and common sense suggest that multitasking leads to lost productivity and concentration, which increases exponentially in accordance with the complexity of the task involved. All of this impacts your businessand gives your competitors a leg up, which is why its imperative to train your focus solely on top business priorities. Having your priorities straight will increase your productivity and give you a competitive advantage.

Many productivity enthusiasts advocate for literally writing down your top 3 must accomplish tasks every day. By doing this, you will streamline your attention and reduce the temptation for distraction. When you have your 3 prioritized tasks, go a step further and schedule blocks of time to accomplish those tasks. Even better, write down and prepare yourself for those 3 tasks the night before:

Webcast, May 29th: 5 Growth Hacks To Double Your Revenue Using Social Data

A major benefit of preparing your daily list the night before is that this exercise lets you sleep more soundly. Once you have written down everything you have to do on your list, it clears your mind and enables you to sleep deeply. This will help you increase productivity throughout the next work day.

Brian Tracy, Chairman and CEO at Brian Tracy International

What happens when you cant help but get distracted by ringing phones, urgent instant messages, and employees asking for your help? Hire a virtual assistant (more on hiring a virtual administrative assistant below) to keep everyone and everything at bay while they also take care of your low priority tasks so you can focus your attention only on what will add value to your position and your business.

Our brains just arent awesome at multitasking.

#5 make meetings matter

We all spend so much time in meetings that its pretty much an epidemic in business.

If youre a manager, chances are you spend upwards of 35% of your time in meetings. If youre in the C-suite, youre spending 50% or more of your time in meetings. Yetthis time is nothing but lost opportunity unless you can maximize the productivity and output of each meeting.

How can you keep meetings productive and on track?

Make sure you have a plan for the meeting. This is key. Once you have your plan, send it out as an agenda to all attendees in either a calendar invite or an email. This will keep you focused, which will help keep everyone else focused, too. In addition, before the meeting begins, ask everyone to put their phones in airplane mode to minimize distractions. As you sum up the meeting, provide crystal clear next steps so everyone involved will know who is supposed to do what. A good rule of thumb is to spend half the meeting presenting the material and half in discussion.

Whats the ideal meeting length?

Routine meetings should be kept to a half hour, but 15 minutes is typically all thats needed if you stay focused, minimize distractions during the meeting, and keep all discussion (questions, comments, etc) until the end. If someone tries to derail the meeting by bringing up irrelevant topics or hijacking your agenda, politely rein them in by saying, Great thoughts, but right now we need to stay on track with the current meetings agenda. We can discuss your points at a later time. Ill connect with you after this meeting to schedule a follow-up meeting.

A crucial takeaway here is to only take part in a meeting if there is both a straightforward purpose and agenda in addition to clear-cut start and finish times.

A word of advice

These days, many professionals work remotedly. This makes video conferencing software a must have resource for businesses that leverage remote workers.

Since a virtual administrative assistant is a remote worker, our team at Prialto uses remote video conferencing tools (Jitsi, Skype, and Zoom) to hold the majority of our meetings with clients, vendors, and each other. These tools are great for giving instructions, asking questions, and responding to issues in real-time. These tools also provide an ideal way to build and nurture relationships by allowing us to telecommute in order to gain that crucial face-to-face time across time zones.

Dont have remote workers on your team? Not leveraging a virtual administrative assistant to handle your ongoing, repeatable tasks? No a problem.

You can build relationships with prospective and current clients as well as vendors and partners by using video conferencing software to meet with them.

#6 optimize your health

Youve heard this before, so I wont go on and on about the importance of taking regular 15 minute breaks throughout your workday, getting consistent exercise, eating well (limit sugar and processed foods, at minimum), drink plenty of water, and shoot for a full nights sleep as the norm.

#7 delegate and outsource

Outsourcing has its pros and cons depending on what is outsourced and the terms you set for your providers on the front end. Some tasks or functions are ideal for outsourcing to other companies or freelancers while some jobs are better kept closer to home. In any case, proper planning and collaboration can help you provide an optimal system that is a mix of outsourced and in-house efforts.

Youll know youre successful when your company can take on the inevitability of forward movement without you.

Eric Taussig, Prialto CEO and Founder

The takeaway here is to delegate as many of your tasks as possible. When you delegate to your team, you empower them with a sense of ownership that will increase both your productivity and theirs.

Delegating is often a challenge for high performing executives and business founders. They are so used to touching every aspect of their tasks and processes that it can prove very difficult for them to hand over the keys.

But this is a massive handicap for them and their business, since delegating is the best way for executives and founders to maximize their ability to effectively handle multiple demands on their limited time. After all, highly productive professionals are very discerning when it comes to how they spend their energy and time.

The best practice for delegating is to take on only those tasks that no one else but you can do. Everything else should be delegated. So ask yourself: Does this task need to be accomplished? If no, throw out the task. If yes, decide if the task is crucial for you to accomplish or if someone else can own the task.

When you hire a virtual assistant there are numerous cost and time savings to take advantage of that will increase your productivity exponentially, since the best virtual assistant services will make sure your virtual administrative assistant only adds to your businesss success and growth.

You really dont need to do everything yourself. Hire a virtual assistant to free up your time for the tasks that you and you alone can do.

CONCLUSION

The above productivity hacks and time management tips are huge time savers with the potential to be even bigger moneymakers. The trick is to put them into practice.

Start small by picking one hack or tip from the above list. Tackle that hack or tip in a very focused way. After youve mastered it, move on to the next hack or tip and dominate that one, too.

Deena is the Marketing Manager at Prialto, a Portland-based business that provides managed, dedicated virtual assistants to executives, entrepreneurs, and companies of all sizes. Prialto's services are curated and managed from our Headquarters in Portland, Oregon with creative insights from our global staff in Asia and Central America. Ourglobal telecommuting Viewfullprofile

The rest is here:
Your Essential List of 7 Productivity Hacks and Time Management Tips - Business 2 Community

By Lily Hay Newman for WIRED.

WIRED

As end-to-end encrypted messaging apps have exploded in popularity, several well-known services have added encrypted calls as well. Why not, right? If it works for text-based chat, voice seems like a natural extension. If only it were that easy.

Encrypting calls has plenty of value, keeping conversations strictly between the two parties. They can circumvent government wiretaps, or criminal snooping. But a host of technical challenges with facilitating the calls themselves has slowed the spread of voice over internet protocol overall. Bandwidth is expensive. Firewalls and network filters make it harder to route data streams. Even basic call quality issues, like delays and echoes, prove difficult to fix. Adding encryption on top of all of this takes additional resources and specialized developers.

All of which has delayed encrypted calling but not stopped it. And a new groundswell of enthusiasm is bringing more options than ever.

The challenges of making reliable encrypted calling starts with the underlying premise of internet-based calls. Theyre hard. While VoIP calling has become more reliable over the years, it remains technically challenging in itself, especially when people use cellular data instead of more stable ethernet or Wi-Fi connections.

Despite those challenges, Signal, the well-regarded secure communication platform, has offered encrypted calling since 2014. And when WhatsApp followed in 2016, bringing encrypted calls and video chat to more than a billion users, it helped shake off some longstanding inertia. Other secure messaging apps like Wire and Telegram have added encrypted calling over the last year. Signal itself even rolled out call quality improvements in February.

Signal developer Open Whisper Systems open-sources its code, so that companies can borrow from it to build their own encrypted chat and calling features. For example, while WhatsApps overall setup is proprietary, it bases the key exchange for its end-to-end encrypted messages and calls on Signal Protocol. Its users have to trust that it is implementing true end to end encryption in the way it claims. In exchange it brings some form of end to end encryption to an enormous user base that would probably otherwise have little exposure to or protection from the feature. And customers who dont have faith in a large provider like WhatsApp now have other options, given the recent proliferation of both VoIP in general and encryption specifically.

Theres so much happening right now in this space which is really exciting, says Nathan Freitas, the founder and director of the Guardian Project, a privacy and security nonprofit that worked on an encrypted calling platform called Open Secure Telephony Network. In 2012 there was just Skype basically. Google Hangouts didnt even exist. FaceTime existed kind of. So were really happy when theres so much public innovation that includes privacy and security.

Though not nearly as much as there could be, if everyone could get on the same page.

As with messaging, end-to-end encrypted calls require that both ends of the conversation use the same system. In other words, using Signal to call a landline wont cut it; you need to connect with another Signal user. Given this reality, many developers naturally gravitate to implementing encryption in closed systems; its easier both to manage and monetize.

For users, though, this approach has downsides. Unless the developer makes the product fully open source, or allows for extensive independent auditing, theres no guarantee that the encryption implementation works as advertised. The lock-in factor also limits who you can safely communicate with, which slows adoption.

Imagine, instead, an open communication standard that includes end-to-end encryption. It would allow secure communication with more people between different products and interfaces, because the protocols facilitating the end to end encryption would be the same.

The Guardian Projects OSTN experiment attempted to create exactly that sort of comprehensive, open communication suite. It focuses on using existing open, interoperable communication standards, employing classic protocols like ZRTP, which was developed in the mid 2000s by PGP creator Phil Zimmerman, and SRTP, which was developed in the early 2000s at Cisco. It also coordinates and controls its voice calls using the Session Initiation Protocol, developed by the telecom industry in the mid 1990s.

That retro backbone didnt come by choice; there simply arent a lot of more modern open protocol options available. Most big VoIP plus encryption advances have come from private companies like Skype (now owned by Microsoft), Google, and Apple, who offer varying degrees of encryption protection for calls and tend to value locked-in users over interoperability. That left OSTN with old tools.

While theyre very powerful, these are things that are 10, 20, 30 years old in terms of the architecture and the thinking, Freitas says. Theyre definitely showing their age.

And while a few smaller services, like PrivateWave and Jitsi, have adopted OSTN, the decision by larger companies to go it alone has limited its open-protocol dreams. Thats especially a shame for people who need absolute guarantees of security.

With proprietary apps, it can be hard for a user to tell if end-to-end encryption is enabled on both ends. Or, in the case of apps whose encryption protocols have not been fully vetted, whether it works as advertised to begin with.

For mainstream services, crypto is a nice add-on to give users the idea that they can feel more secure, but thats completely different than when your [customers] are people who are under threat, says Bjoern Rupp, the CEO of the boutique German secure communication firm CryptoPhone. If you have to fear for your life, not all secure communication systems are designed for that.

Encryption die-hards can host their own system using open standards like OSTN, similar to how you might host your own email server. Though it takes some technical knowhow, its an option that gives users real control and that isnt possible with closed systems. Another option is to use a security first service like CryptoPhone that offers an integrated, one-stop solution.

CryptoPhones can only call other CryptoPhones, but the company made that choice so it could control the security and experience of both hardware and software. To reconcile this closed system with transparency, the company is open source and invites independent review. It also has over a decade of experience. CryptoPhone has been making high-end commercial products for secure voice calling for a long time, the Guardian Projects Freitas says. They had these crypto flip phones, which were awesome.

None of which leaves the average consumer with widespread encrypted calling that works across multiple services. There may be some help on the way, though, in the form of a new, open, decentralized communication standard called Matrix that includes end to end encryption for chat, VoIP calling, and more. Matrix could be a clean, easy to implement standard underlying other software. For instance, if Slack and Google Hangouts both used the Matrix standard, you would be able to Slack someone from Hangouts and vice versa, similar to how you can send emails to anyone using their email address, regardless of what provider they use.

The net owes its existence to open interoperability, says Matthew Hodgson, technical lead of Matrix. Then people build silos to capture value, which is fair enough, but you get to a saturation point where the silos start really stifling innovation and progress through monopolism.

The catch, of course, is getting buy-in from companies that have little incentive, or getting new services built on a standard like Matrix to take off. Walled gardens tend to produce more profit than open ones.

Still, having these new options is an important first step. And combined with the broader proliferation of encrypted voice-calling apps, change finally seems to be coming from a lot of directions at once. I think theres a longer-term project going on called the internet, Freitas says. Some of us still believe in it.

Read more:
Encrypted Chat Took Over. Let's Encrypt Calls, Too - Huffington Post

As an IT major, there are a lot of new programs that you have to learn and work with. Many students work with them for the first time at the iSchool. To help you out, heres the five most essential apps you didnt know you needed:

Taiga kan ban boards helped me a lot with managing projects during IST 466 (Prof Issues/Information Management & Technology capstone) and IST 445 (Managing Information Systems Projects project management). Currently,Trello is the industry standard thats sweeping the market in online boards. Taiga kan ban and scrum boards have a cleaner interface that is easier to navigate and comprehend, especially for smaller teams.

For example, with IST 445, its easy to set up and monitor theprogress of each of the five phases of project management with related activities (called user stories) and tasked team members. Or you could check out the kan ban section to see the progress of all user stories sorted between new, ready, in progress, ready for test, done, and archived.Other features include a wiki section, issue tracker, integrations and plugins,automatic reporting, and a quick link to a custom video conference room (I recommend Jitsi).

Taiga can be downloaded to your own server or used via web hosted Taiga.io.

f.lux makes working in front of the computer late at night less painful for your eyes. With f.lux, it alters the brightness and colorization of your computer or smartphone screen. It sets itself according to the time of day of your zip code or grid coordinates. Set to autostart when your computer boots, f.lux brightens and darkens your screen during the day and night respectively to reduce eye strain allowing you to work longer. Even with f.lux downloaded, you should still take regular breaks away from any screen.

f.lux is available for Windows, Linux Debian/Ubuntu, OS X, Android and iPhone/iPad.

Master PDF Editorallows you to create and edit PDF files for free. Editing options include rearranging pages, encryption, file type conversion, creating PDFs from a blank page, and more. My favorite feature is the ability to add text fields. This allows users to type and save information into the PDF, negating the need to print, fill out by hand, and scan PDF submissions. More Section 508 accessibility features to accompany optical character recognition (OCR) are planned for future releases.

Master PDF Editor is available for Windows, Linux, and OS X.

CherryTreeis a note-taking desktop app that simplifies organization via hierarchical sections, called nodes and sub-nodes. Each node can be set as rich text or over 50 other programming languages including Java and Python. It uses color syntax highlighting for easier visual understanding. With rich text, you have many common formatting options (bold, align, list, etc.) and can insert code boxes for programming languages with syntax highlighting as well. Compatibility features allow importing/exporting files for over a dozen note-taking apps such as Zimand Evernote.

CherryTree is available for Windows and Linux Debian/Ubuntu.

Slackis a great Internet Relay Chat (IRC) solution for real-time virtual collaboration. The ability to integrate other apps (including aforementioned Taiga.io)with Slack via web hooks and plugins makes it a solid hub for teamwork. However, when working on multiple projects it is easier to have a desktop app that handles multiple Slack channels at once versus an open tab per Slack channel in your web browser. You can navigate between Slack channels using the vertical navigation bar on the left in Slack and Scudcloud desktop apps.

The official Slack appis for Windows and Linux Debian/Ubuntu. Scudcloudholds three for Linux Debian/Ubuntu, Arch, and Fedora users.

See more here:
5 Apps You Didn't Know You Needed - Syracuse University News

Jitsi Meet lets you stay in touch with all your teams, be they family, friends, or colleagues. Instant video conferences, efficiently adapting to your scale.

* Unlimited users: There are no artificial restrictions on the number of users or conference participants. Server power and bandwidth are the only limiting factors. * No account needed. * Lock-protected rooms: Control the access to your conferences with a password. * Encrypted by default. * High quality: Audio and video are delivered with the clarity and richness of Opus and VP8. * Web browser ready: No downloads are required of your friends to join the conversation. Jitsi Meet works directly within their browsers as well. Simply share your conference URL with others to get started. * 100% open source: Powered by awesome communities from all over the world. And your friends at Atlassian. * Invite by pretty URLs: You can meet at the easy to remember https://MySite.com/OurConf of your choice instead of joining the hard to remember rooms with seemingly random sequences of numbers and letters in their names.

Link:
Jitsi Meet - Android Apps on Google Play

Whistleblower Edward Snowden is working to develop tools for journalists that he says will help protect them and their sources from government surveillance and state-sponsored hackers.

It comes asthe UK government has been forced to down play fears that proposals to amend the Official Secrets Act would turn journalists and whistleblowers into criminals.

Former US intelligence officer Snowden was forced into exile after sharing confidential US intelligence documents with the press revealing the extent of mass government surveillance.

Since last year, he has been serving as president of the US-based Freedom of the Press Foundation (FPF), having joining its board in 2014.

The non-profit group, which has a team of 10 staff, claims to be dedicated to helping support and defend public-interest journalism.

Speaking to Wired magazine from Moscow, Snowden said the team were trying to provide a few niche tools [for journalists] to make the game a little more fair.

He added: Newsrooms dont have the budget, the sophistication, or the skills to defend themselves in the current environment.

When in 2013 Snowden set about leaking secret government files to journalists among them Guardian columnist Glenn Greenwald,who is a co-founder of the FPF he evaded detection by using anonymity software Tor and teaching reporters how to use encryption tool GPG by creating an online video tutorial that disguised his voice.

He told Wired his current focus was to on developing security and encryption tools that would make this all paint-by-numbers [for journalists] instead of teaching yourself to be Picasso.

Those in development include a hardware modification for the iPhone to detect malware on the device that is secretly transmitting a reporters data, such as their location.

Another, called Sunder, would act as a treasure chest of digital information that can only be opened when several passwords are combined something journalists could use to protect a bulk of data.

The foundation is also working on an easy-to-use version of encrypted video-chat software Jitsi used by Snowden to speak to the magazine via secure video link.

We cant fix the surveillance problem overnight, Snowden said. But maybe we can build a shield that will protect anyone whos standing behind it.

In November the UK government passed the Investigatory Powers Bill that enables the state to use electronic snooping tactics to fight crime, including widespread collection of electronic data.

Following Press Gazettes Save Our Sources campaign, police requests to view journalists call records in order to identify their sources have to be signed off by judges.

But concerns remain that the applications are made in secret and so cannot be argued by news organisations in a court of law.

See the rest here:
Snowden helping develop tools to protect journalists and whistleblowers - 'to make the game a little more fair' - Press Gazette

Slide: 1 / of 1. Caption: 520 Design

This story is part of our special coverage, The News in Crisis.

When Edward Snowden leaked the biggest collection of classified National Security Agency documents in history, he wasnt just revealing the inner workings of a global surveillance machine. He was also scrambling to evade it. To communicate with the journalists who would publish his secrets, he had to route all his messages over the anonymity software Tor, teach reporters to use the encryption tool PGP by creating a YouTube tutorial that disguised his voice, and eventually ditch his comfortable life (and smartphone) in Hawaii to set up a cloak-and-dagger data handoff halfway around the world.

Now, nearly four years later, Snowden has focused the next phase of his career on solving that very specific instance of the panopticon problem: how to protect reporters and the people who feed them information in an era of eroding privacywithout requiring them to have an NSA analysts expertise in encryption or to exile themselves to Moscow. Watch the journalists and youll find their sources, Snowden says. So how do we preserve that confidentiality in this new world, when its more important than ever?

Since early last year, Snowden has quietly served as president of a small San Franciscobased nonprofit called the Freedom of the Press Foundation. Its mission: to equip the media to do its job at a time when state-sponsored hackers and government surveillance threaten investigative reporting in ways Woodward and Bernstein never imagined. Newsrooms dont have the budget, the sophistication, or the skills to defend themselves in the current environment, says Snowden, who spoke to WIRED via encrypted video-chat from his home in Moscow. Were trying to provide a few niche tools to make the game a little more fair.

The groups 10 staffers and a handful of contract coders, with Snowdens remote guidance, are working to develop an armory of security upgrades for reporters. Snowden and renowned hacker Bunnie Huang have partnered to develop a hardware modification for the iPhone, designed to detect if malware on the device is secretly transmitting a reporters data, including location. Theyve recruited Fred Jacobs, one of the coders for the popular encryption app Signal, to help build a piece of software called Sunder; the tool would allow journalists to encrypt a trove of secrets and then retrieve them only if several newsroom colleagues combine their passwords to access the data. And the foundations coders are building a plug-and-play version of Jitsi, the encrypted video-chat software Snowden himself uses for daily communication. They want newsrooms to be able to install it on their own servers with a few clicks. The idea is to make this all paint-by-numbers instead of teaching yourself to be Picasso, Snowden says.

A brief guide to becoming an anonymous source.

Web

The anonymity network Tor obscures your identity by routing your online traffic through computers worldwide. Access it via the web-based Tor Browser to visit any site related to your planned contact with the press. Find a directory of the 35 or so news organizations that maintain SecureDrop portalsTor-enabled inboxes for anonymous tips. Then choose an outlet and leak away.

Phone

Buy a burnera cheap, prepaid Android phonewith cash from a nonchain store in an area youve never been to before. Dont carry your regular phone and the burner at the same time, and never turn on the burner at home or work. Create a Gmail and Google Play account from the burner, then install the encrypted calling and texting app Signal. When youre done, destroy the burner and ditch its corpse far from home.

Snail mail

Pick a distant mailbox, dont carry your phone on the trip, andduhdont include a real return address.

But the foundations biggest coup has been SecureDrop, a Tor-based system for WikiLeaks-style uploads of leaked materials and news tips. The system has now been adopted by dozens of outlets, including The Guardian, The New York Times, and The Washington Post. It works. I know, hinted a tweet from Washington Post reporter David Fahrenthold the day after he published a leaked video of Donald Trump bragging about sexual assault.

In early 2014, the Freedom of the Press Foundations founderswho include the first recipients of Snowdens leaks, journalists Glenn Greenwald and Laura Poitrasasked their 30-year-old source to join the groups board as a largely symbolic gesture. But Snowden surprised the board members by showing up to his first meeting with a list of detailed changes to its 40-plus pages of bylaws. The next year he was unanimously elected its president. No one has more practical expertise when it comes to whistleblower and journalist communications, says Trevor Timm, the groups executive director. It was the perfect fit. Snowden has refused a salary, instead giving the group more than $60,000 of his fees from speaking engagements over the past year.

Snowdens own leaks have shown the dire need for the foundations work: In early 2015 he revealed that British spies had collected emails from practically every major newspaper and wire service. Other signs of encroaching state surveillance have also put journalists on guard. Late last year it emerged that Montreal police had tracked the phone calls and texts of a reporter in order to identify sources critical of the department. And in early January, before he had even taken office, Donald Trump called on Congress to investigate a leak to NBC newsone that gave the network a sneak peek at an intelligence report on Russias role in influencing the US election. In the months since Trumps victory, the Freedom of the Press Foundations phones have been ringing off the hook with requests from newsrooms for training sessions, says Timm.

Snowden is quick to note it was the administration of President Obama, not Trump, that indicted him and at least seven others under the Espionage Act for leaking information to journalists. Thats more such indictments than all other presidents in history combined have issued. But Snowden and Timm worry that Trump, with his deep-seated disdain for the media and the full powers of the US Justice Department at his fingertips, will be only too happy to carry forward and expand that precedent.

All of that makes the medias technical protections from spying more important than ever. We cant fix the surveillance problem overnight, Snowden says. But maybe we can build a shield that will protect anyone whos standing behind it. If the group succeeds, perhaps the next Snowden will be able to take refuge not in Moscow but in the encrypted corners of the internet.

Andy Greenberg (@a_greenberg) wrote about Google subsidiary Jigsaw in issue 24.10.

This article appears in the March issue. Subscribe now.

Read the original post:
Edward Snowden's New Job: Protecting Reporters From Spies - WIRED