Journal Journal: Privacy for the Surveillance Age 3
Invisible Internet Project...
I2P is best described as a cross between Tor and Bittorrent. That is to say, the onion routing benefits from the fact that most participants contribute to the available bandwidth. It does also come bundled with a bittorrent client and email service. A number of other I2P apps are available including i2P-Bote, a new server-less email system based on DHT.
Qubes OS...
Qubes is a desktop OS based on a customized Xen hypervisor. It ships with Fedora 18 to provide Linux desktop functionality, but can also host Windows and other VMs. The philosophy here is that paravirtualization, VT-x and VT-d are all employed in concert to reduce the system's attack-able surface to the base minimum while still providing the functionality of a desktop.
My choices in this area amount to a pretty short list because each one is comprehensive in its approach to privacy and security. I2P keeps everything encrypted and anonymous end-to-end without the worrying about app-specific encryption settings (PGP, OTR, HTTPS, etc) which leads to inconsistent usage. That means using mostly I2P-specific apps, though Firefox for I2P Web is the current exception. Qubes OS secures the system by keeping the high-risk subsystems - IP, firewall and X11 - in their own read-only VMs, and also runs my apps in separate domains according to the trust/risk levels I assign to them. For example: a 'banking' appVM to access bank accounts in Firefox, a 'personal' appVM for email, chat and personal files, an 'untrusted' appVM for general roving around the unsecured Web and multimedia entertainment, an 'i2p' appVM for the growing amount of anon/private communications over I2P, etc. The Qubes project goes so far as to claim "strong security" and I believe them... this is not your run-of-the-mill VM system.
More about some of the interesting features in these puppies later...