Communication security and counter surveillance

From DevSummit
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
  * Communication security and counter surveillance
  * Examples of stuff we'd like protected
     * Occupy participants are using well designed collaboration tools (google docs)
     * Healthcare demographics 
     * Open communication in activism without being cornered
     * WAnt to know things that we should be aware of that we aren't currently are
     * Raising privacy awareness among the younger generation
     * video chat
     * security training for activists
     * email
     * Blocking of information - why is this happening
     * Protection of identity on the internet
     * Be more cognizant of what I'm sharing, and how to share this with partners
     * People of alternative lifestyles remain protected from judgement and prosecution
     * Usable tools while not giving up privacy/security
     * Anonymization of common discussion tools
     * Protecting people's rights when it comes to citizenship and youth
     * Creating a better language in how you talk to others about what they should be worried about
     * Trust based web-services vs. convenience
     * A social graph is a powerful tool for organizing, but also problematic
  * The US Government has devoted a lot of resources to map the social network of citizens of the united states and transaction logs of mobile phones
  * There hasn't been major abuses but this may not hold out - do we trust the "benevolent" government
  * The government is sanctioning the FBI to deny "more documentation works" - 20 year policy
     * This could be applied to other agencies
     * This might not be being used on a wide scale, but this may be a belief vs. truth 
  * Facebook may be closer to the US government vs. Mugabe's government, and your privacy is set by the company, not by you
     * The state is not built to protect you
     * The framework is not either
  * Mis-information may not work - they may be able to determine real patterns and behaviors by your activity, despite trying to mislead and hide it
     * The more data they get, the better they can get detailed information
  * The Law is not currently giving the protection needed
     * Technology has not been able to provide this protection either
  * Government Transparency
     * Egypt broke into the egyptian secret service and released a bunch of documents - a bit dangerous and yet important
     * Laws are going the wrong direction at the moment
        * The US has the ability to put a tracker on any car without a warrant
  * Officers are agreeing that the system is broken
  * Need to try and solve the problem ourselves
  * The government says that social activity is "metadata" and not content, and content needs a warrant, metadata does not.  Arguable that metadata is content as details can be inferred about you based on that studied behavior.
  * Going to a hospital requires signing a privacy policy where there is an exception for natural security
     * The government can just knock and ask for it
  * Section 215 of the Patriot ACT
  * If you have to use a convenience system, might try limiting use of it for more secure options
     * Riseup might be a good option, but if you become dependent on the legal entity, google might be the better option for your protection
  * When organizing
     * Trade off of functionality vs. security/privacy 
     * Crowdgrass - good option for anonymized doc sharing
     * Hushmail - bad choice for privacy
     * Riseup - a better choice for email privacy
     * SSD.eff.org (survellience self defense)
     * FLOSS manual
  * Personal digital security
     * Use FOSS OS & software
     * install from a package manager which has a strong validation system
  * Encryption just means you are protected, for awhile
     * if they get your key, then they have full access
  * What about entrusting the hardware
     * Don't buy hardware with a credit card and ensure its not obvious where the hardware is going
  * We leave electronic fingerprints all the time
  * People who are at the highest risk (immigrants, etc) may not have the skills or access to utilize these privacy options (both in knowledge and pricing)
     * Free software is "free" - except for time
     * Be thoughtful in your choice  - i.e., purchasing a netbook vs. a macbook air
     * Work on making sure people understand these risks in their life
     * Encourage safeness and offering free tools
  * Corporations may not have our best interest in mind, or they may not have the choice and may have to comply with government summons
  * Security options - trading tools
     * Trade cell phones
     * Trade grocery coupon cards
  * Resources
     * Riseup
     * iphone - private GSM - also for nokia, android, blackberry - voip service
     * Redphone
     * Textsecure - encrypted text messages - Android
     * Tor
  * Be wary of iPhone and Androids for secured communication - serious security concerns
  * The technology is only as secure as our social network/connections
  * The hardware on smart phones can control your phone, despite the use of free software on your mobile phone
     * Don't turn off cellphone, could be seen as a suspicious activity, instead, leave it at home, put in a bathroom, turn on music, etc.
  * Real effort needed is to change the Laws and create the transparency to watch the watchmen
  * Lawrence Lessig - The Code is Law
  * There is a guidebook available from Riseup 
     * you can download from TOR
  * Advice
     * Be wary of proprietary tools and information
     * Nothing is perfect, but better we try
     * Take the necessary precautions to protect those around you
Retrieved from "https://devsummit.aspirationtech.org/index.php?title=Communication_security_and_counter_surveillance&oldid=515"