From DevSummit
Revision as of 18:07, 5 May 2015 by Vivian (talk | contribs) (1 revision imported)
  • COINTELPRO (Counter Intelligence Program): systematic political harassment campaign from US government in 60s and 70s; systematically infiltrated, intimidated, harassed, and possibly executed people; hardcore political crackdown. Undercover agents joined activist groups, stayed with them for months and years, began personal/romantic relationships with activists, committed seriously divisive actions.
  • Citizens' Commission to Investigate the FBI: anonymous group who broke into FBI and leaked the documents that showed the internal dialogue within the FBI and evidence of the existence and activities of the program. No one ever found out who leaked the docs; leak investigated by the Church Committee, resulted in legal reforms, Freedom of Information Act.
  • Talking about this in COINTELPRO framework is because the good results of the leak and investigation didn't work out so well; Freedom of Info act failed us; programs like COINTELPRO still exist.

  • We [at NPDev] are currently in 1 of the most surveilled places in the world. 2nd and Folsom
  • We leave behind a story about ourselves in the form of data. Cell phones are tracking devices, a surveillance network that can make phone calls.
  • Whoever controls the narrative has a lot of control over us; it's a pressing issue.
  • People make arguments about having nothing to hide, yet they wear pants and have curtains in their windows!
  • There are many things we can do when we recognize that the threat exists.
  • Let's talk about activities, e.g. poisoning data sets with inaccurate information that calls into question other information that they have about someone.
  • How do you make a phone call when you know someone is surveilling you? Chat online about activity that's illegal in another country?
  • Talk about [anti-surveillance] activities that we'd like to be able to do and how we can do it.
  • It's important to not scare people but rather wake them up to reality and find ways to empower people so that we walk away and can say "hey, you're practicing unsafe computing."
  • Similar to safe sex awareness and rhetoric that has been widely shared and is therefore widely understood.
  • Really like safe sex analogy; realizing that we did manage to drive home the point that you don't use protection just when you think you're probably having sex with someone with an STI; you just use protection all the time and then relax. Same with safe computing protection -- use it all the time.
  • I've worked on many things that are controversial enough to possibly lead to an FBI file; if I know that everything I'm doing is surveilled, cell phone companies monitoring and storing data and location, hand over data whenever asked. There has to be the assumption that everything one does is being monitored. Constantly behave as if everything is on a stage. Assume that everything might as well be public even when it's ostensibly private.
  • Have a conversation whether by cell phone or online; an audio conversation that is NOT monitored.
  • There's a kind of privilege that not everyone has: some people have different pieces of information that they can or cannot reveal. Some people are unaware that they lack the privilege to reveal certain kinds of data. There is a cost to living assuming that everything is being surveilled without protection.
  • Some friends do everything super-publicly; trying to understand what acting privately would mean as an approach. There are people who take risks when they know they have backup and support networks, but most people don't have that.
  • Threat modeling: we ask what the threat is. The state? What state? E.g. if you're worried that a big agro company is going to come after you, what are they likely to do? They might hire P.I.s, so cryptography and having conversations in person are probably sufficient responses to your threat model. With a little threat modeling you beat the adversary practically with regard to gathering evidence.
  • Threat modeling for Mozilla: threat is the government, everyone else.
  • Worrying about physical violence = very different than worrying about intellectual property.
  • Some folks were gathering funds for Occupy; wanted to use a PayPal button. Asking people to give money via PayPal leaves a trail; would like to be able to collect money from people without a trail.
  • If you protect specific communications you're revealing that they're sensitive; there should be a general model for entire communications because
  • "Little Brother" by Cory Doctorow - a YA book that breaks down lots of these security issues, available completely free on the web.
  • Explanation of PGP encryption (note taker explained and therefore didn't take notes; check out Chap 12 (or so) of Little Brother (free online) for great and complete explanation).
  • Search obfuscation, data retention by 3rd parties (there are no constitutional protections for companies or organizations that retain any data).
  • The gov't says that if you talk to a 3rd party you have no expectation of privacy, e.g. Twitter case that says that since you use the Internet Protocol you willingly exposed your IP address to a 3rd party and therefore have no expectation of privacy.
  • The gov't gets to pick which privacy policy for a service that they pay attention to; if a privacy policy gets more restrictive for a service, they can use the older versions of the policy.
  • Total Awareness Information Program was banned by Congress by statute; it was later pieced apart into 12 different databases rather than one, and those 12 different databases now work together behind closed doors. CIA recently said they predicted what happened in Egypt by monitoring Twitter and Facebook.
  • DocumentCloud was facilitating journalists uploading primary documents; they wanted privacy policy and terms of use that would functionally protect DocumentCloud AND users. Traffic to privacy policy page revealed that very few people actually read it; Software Freedom Law Center was very helpful in terms of challenging them to maximize users' rights in their terms of use and privacy policies. The easy thing to do as a software developer is to minimize users' rights.
  • Tension between maximizing rights and privacy and usability, the market. Competing with services that people have gotten used to where everything is integrated with everything else; projects have gotten derailed because of an acknowledgement that people's private info would be stored.
  • Firefox Sync: all encrypted on the client = nothing to turn over if subpoenaed. Chrome also syncs but that data is not encrypted by default and is mined. But starting to get into the place where there are features where you can't avoid having data. Can't build stuff that people actually want to use unless they start storing data.
  • Privacy by design vs privacy by policy. Chrome = privacy by policy; you give them the data, they promise to do the right thing, but the gov't can force them to do something else. Policy is not the same as the law or reality. Mozilla = privacy by design; their free software does a political thing that is backed up by math (encryption); no amount of violence or power can violate that. This can be applied to almost all of the services we speak about; if you trust one party there's a good chance that it's just a policy that's protecting you, rather than privacy by design.
  • Privacy by design: Firefox Sync, where data passing through Mozilla services is encrypted on the client-side (phone, laptop, desktop, etc.) Even if the gov't came to Mozilla and asked for bookmarks, Mozilla would have no way to get to it or give it over. Privacy by policy = a piece of paper or document that says they won't hand info over.
  • Privacy by openness: anyone who is in a community has access to the information; you share it and everyone has it.
  • Wouldn't call that privacy; there's a book called The Death of Privacy that argues that if everything is transparent everyone is safe. However we're not all on equal footing, so it won't ever be symmetric. There is some value in transparency, but the decks are stacked.
  • Surveillance is ultimately asymmetric; the people who are doing the surveillance have the power.
  • Censorship: just because some things are blocked doesn't mean that the other things are blocked.
  • The Transparent Society by David Brin: two cities: surveillance state, controlled by police, no transparency, no oversight. Another surveillance state is that everyone has access to all surveillance all the time. He argues that you have to pick one or the other all the time, no in betweens.
  • Infrastructure is not evenly distributed.
  • There are some communities where just knowing that you smoke marijuana can get your kids taken away; some populations are vulnerable to that and others are not.
  • When I talk about security and privacy; when people get too fear based, people make everything private and there isn't enough thoughtfulness about what needs to be private and what needs to be public. E.g. the argument that people shouldn't use Facebook because it reveals our relationships to the gov't goes against the need to reveal relationships in a democratic movement. Distinguish between info that needs to be private and needs to be public to meet our ends, e.g. an open democratic movement.
  • Are there any technologies, things to look forward to in terms of encrypted phone calls, email technologies, ways to protect people around the world struggling against repressive regimes?


  • Facebook "Like" button tracks you everywhere. Firefox extensions: Ghostery, Share Me Not, Priv3, NoScript
  • Tor Browser: based on Firefox; all the one off solutions only get you so far, but everything you do in TorBrowser goes over the Tor network. The local network has no idea what you're visiting, who you're talking to. Use it for chat & instant messaging, doesn't keep state. Windows, Mac OS X, Linux, run from USB stick.
  • Will Tor Browser disable any functionality? Answer: not really. Adobe Flash = greatest violator of privacy, you can visit a web page and your camera and mic can be turned on automatically. In Tor Browser, Flash is disabled by default, but HTML5 is making huge strides to replace Flash technologies with privacy intact.
  • PGP for email; key exchange in the first place is your weakest link, but if you can do a key exchange that you feel secure with, once that's done you can trust that communication.
  • Primary function of intelligence these days is all about understanding social networks. With PGP, deniability is really important; if you write an email, you want to be able to deny that you sent that email. With unsigned email you can't deny, with a key-signed email you can.
  • Thunderbird integrates with a smart card that you can destroy to revoke your PGP key.
  • Chatting: off-the-record (OTR) messaging. Gives you forward secrecy - if someone does break into your computer and takes your crypto keys, these keys are only good for identifying you; they cannot be used to decrypt your past conversations. Google still has the relationship info between two people, but Riseup Jabber can be a better chat solution.
  • Tor: search Google anonymously, erase state of browser when you're done.
  • Set chat client up to chat with Tor, OTR, SSL and TLS.
  • Compartmentalize knowledge and info: someone sees you use Tor; Tor knows someone connected to Google; Google sees someone somewhere connect to them; chat content is OTR so it's encrypted. Using those things can be very powerful.
  • Redphone and TextSecure: Redphone = encrypted VoIP to any other phone; resists wiretapping. Keys at end of call are destroyed; even if they steal phone they can't decrypt. iPhone and Android (not sure if that's for both of these.)
  • PrivateGSM = Redphone but cross-platform, built on open standards, can use to make encrypted cell phone calls. Already for iPhone, soon for Android. Most of this is free as in beer, some of it is also free as in speech.
  • Guardian Project: Tor ported to Android, GibberBot on Android (Chat, integrates with Tor, OTR). Both people need that client. Phone company only sees Tor traffic, chats are automatically encrypted.
  • Steps to take so that passive surveillance gets very little information; if someone is trying to surveil you they only get Tor traffic. Need to reduce amount of info that can be observed passively, e.g. that you're using Tor -- nothing else.
  • CEO of Sprint built web interface so that cops from anywhere can log in and easily put taps and trackers on individuals, send them information in real time.
  • Breaking your normal patterns reveals when you're doing something that needs to be concealed. Gov't can throw extra charges at you if they think you tried to hide things on purpose.
  • You can't wait on some of the circumstances; plan for it.
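
The forward secrecy property in the OTR note above, as an added example (not part of the original session notes and not OTR's actual protocol): long-term identity keys only sign, while each conversation is encrypted under a throwaway key that is discarded afterwards. It uses Ed25519, X25519, HKDF and AES-GCM from Node's built-in crypto module as stand-ins; the function names and the message are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Long-term identity key: it only signs, it never encrypts a conversation.
const newIdentity = () => nodeCrypto.generateKeyPairSync('ed25519');

// Fresh X25519 key pair per conversation; the public half is signed by the identity key.
function newOffer(identity) {
  const eph = nodeCrypto.generateKeyPairSync('x25519');
  const pub = eph.publicKey.export({ type: 'spki', format: 'der' });
  const sig = nodeCrypto.sign(null, pub, identity.privateKey);
  return { priv: eph.privateKey, offer: { pub, sig } };
}

// Verify the peer's signature, then derive the session key from the ephemeral DH secret.
function sessionKey(myPriv, peerOffer, peerIdentityPub) {
  const ok = nodeCrypto.verify(null, peerOffer.pub, peerIdentityPub, peerOffer.sig);
  if (!ok) throw new Error('ephemeral key not signed by the expected identity');
  const peerPub = nodeCrypto.createPublicKey({ key: peerOffer.pub, type: 'spki', format: 'der' });
  const shared = nodeCrypto.diffieHellman({ privateKey: myPriv, publicKey: peerPub });
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'constructed-demo', 32));
}

function seal(key, text) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function unseal(key, msg) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  d.setAuthTag(msg.tag);
  return Buffer.concat([d.update(msg.ct), d.final()]).toString('utf8');
}

function demo() {
  const alice = newIdentity(), bob = newIdentity();
  let a = newOffer(alice), b = newOffer(bob);
  let kA = sessionKey(a.priv, b.offer, bob.publicKey);
  let kB = sessionKey(b.priv, a.offer, alice.publicKey);
  const recorded = seal(kA, 'constructed message'); // what a passive observer can store
  const bobRead = unseal(kB, recorded);
  const keysAgree = kA.equals(kB);
  a = b = kA = kB = null; // conversation over: ephemeral and session keys are dropped
  // Later both identity keys are seized. They can sign new offers and start new
  // conversations, but the recorded ciphertext stays sealed.
  const kNew = sessionKey(newOffer(alice).priv, newOffer(bob).offer, bob.publicKey);
  let pastReadable = true;
  try { unseal(kNew, recorded); } catch (e) { pastReadable = false; }
  return { bobRead, keysAgree, pastReadable };
}
```
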