Credit: Paul John Higgins

As any CryptoParty attendee will attest, you can only ensure a reasonably private communication by using “strong, end-to-end encryption,” “strong” here meaning nearly impossible to break, even with supercomputers, and “end-to-end” referring to only the intended parties being able to interpret the communications. Because the users store the keys on their devices, no one in the middle can unlock the messages. Almost all the following tools are free to download and use.


Strong passwords are often your first and best defense. A password manager is able to automatically generate long passwords that thwart automated password crackers. The application also automatically fills in passwords on frequently visited sites. A couple of the most used password managers, like LastPass, are browser extensions. But for passwords that aren’t on an Internet account, you can generate a strong, memorable password using a method called Diceware: roll a set of five dice six times, then match each result to the master list of 7,776 short words; the six words that result become your password.

Web browsing

Tor is an anonymous Web browser that’s as easy to install as Chrome or Firefox. It sends browsing data to and from your computer via several other proxy machines around the world, obscuring your location. If you’re trying to remain anonymous to the NSA or whoever else may be watching, remember that if you navigate to anything associated with you, such as an online account you possess, you’ve given yourself away and you need to exit the browser or choose the option to refresh its identity.


E-mail encryption via Pretty Good Privacy and GNU Privacy Guard turns your content into gibberish between your device and the device of the person to whom you’re sending mail. Because the software is older, these tools are the most difficult on this list to set up. For an average computer user, expect a couple hours; 20 minutes for someone more computer savvy. The most common client is Mozilla Thunderbird with the EnigMail plugin.


A cinch: For encrypted text messaging on iPhone, just download Signal from the app store. On Android, download TextSecure. (The two apps use the same encryption scheme.) After short, software-guided setups, they both encrypt automatically with anyone else who uses them. For best results, set them as your phone’s default messaging app.

Phone calls

RedPhone gives you the option to encrypt voice calls. (If you have an iPhone, Signal contains RedPhone, so no need to download it separately.) Whenever you dial someone who also has the application, it asks if you want to use the app. If you say yes, the other person will get an encrypted call.

Instant messaging

OTR, short for Off the Record, is a protocol for instant message encryption. Popular chat clients that support it include Adium (for Mac) and Pidgin (for Windows and Linux). Beware: Google Mail has a chat mode called “off the record,” but it’s not end-to-end encrypted.

Resting data

If you’re worried about someone accessing your data if you lose your device, you need more than a screen lock—you need “full-disk encryption.” When your device has full-disk encryption and is powered off, all the data inside is hopelessly scrambled until you boot up and enter your password. BitLocker is a trusted encryption system on Windows machines. FileVault comes preloaded on Apple computers, but you have to activate it. Android phones also offer encryption you can turn on in the settings. On iPhone, encryption is on by default in any IOS version 8 or after. But for disk encryption to matter against an attacker with fancy equipment, you have to power off your device before losing it. And few people do that with cell phones. Luckily, a good screen-lock password will thwart a common thief.  v