Security tools

From DevSummit
Revision as of 22:33, 17 November 2016 by Jucsanch (talk | contribs)
Jump to navigation Jump to search

Why are you here?

  • mobile security high priority because access by marginalized community
  • international organization
  • learn
  • check biases in thinking about
  • concerned about chilling effects of surveillance
  • sudden demand for training
  • how to layer awareness on top of sudden demand for tools
  • share insights from digital defense, make widely useful
  • integrate security into digital literacy
  • find right tools for different communities with different levels of comfort with technology
  • increased attacks on Middle Eastern and South Asian – track incidents and co-ordinate response
  • surveillance going to affect some more than other – those directly affected make the best trainers
  • how to co-ordinate response to sudden demand

Who are we centering?

Different communities are already affected very differently by current surveillance and lack of privacy, but post US election the impact on different communities will likely be even more differentiated.

Lots of vulnerable communities that are under attack e.g. trans women of color are going to be under even greater attack. Not specific tech needs but generally extreme duress. Organizers are using Facebook but are likely to be targeted. FB is where people are. Brainwashing songs, kids and old people affected by propaganda – develop tools to block propaganda from our own lives – people who are especially vulnerable to messaging e.g. youth and elders – how can they block the messages. Reproductive justice organizations – fears of what is going on with actual current security needs. Govt can defund and make work illegal but also growing threat of alt right with tech knowledge. Balancing trade-offs between what is needed now and (responding to) changing landscape. In African American communities (Harlem) and immigrant communities, conspiracy theories by law enforcement (to justify) targeting people. Registers of people.

Don’t forget that this has been a surveillance state and some people have felt for a while, Muslims Sikhs [irony] because who knows the difference? [/irony], Anyone resisting mass deportations e.g. by sheltering people. Long term banality of evil – traveling in and out of country is going to get that much harder. Undoc people who have been involved hard tactics. Early warning for mass deportations but people organizing it have to communicate. Lots of groups talking about extremely unrepresented in tech and even more so security space. Techies – lets not center ourselves.

What are our priorities?

Only the people who are affected know what is most important to them, they don’t know what the state can do and what tools can help.

Conversation: What are you most worried about? What is your relationship with technology?

Threat modeling? Need to understand people you want to help. Bi-directional exchange. What threat models do people have? How can they figure out, what assets do you want to protect? Who are your adversaries? What kind of threats do they pose? What are trade-offs?

Position the community as experts. Some critique of “threat modeling” as militaristic. What is framework that community is already using. Facilitate conversation in a way that is in line with what they have and want. If part of the community then can get Ela Galprin of EFF talks about this – I want to be safe, ok, what are you worried about? Does anything concern you?

Risk assessment and harm reduction

Question: What is the current state of curriculum and training and training for trainers? This should be a separate session.

Appreciative Inquiry: what is going well, what support could you use? But this is high touch especially with non English speakers. How could this be transformed into visual flow, if this then that that can scale and be used to train people especially

How to talk about non threats? Should we just be paranoid all the time?

Threat of incapacitating blanket paranoia, one advantage of threat modeling is start off paranoid and end with specifics

Framework for sorting to their own priorities.

What can people do that is offline – non technical.

How to use this moment to recruit allies and get allies to do something that will actually help for example getting people to encrypt to increase traffic.

What is happening right now is not working. Lots of resources but not reaching people who need it.


Center for disease control has good model for communicating information into different communities – e.g. wash your hands, wear a mask

Session: simple poster with high level security principles e.g. 5 steps everyone can do to better protect themselves and friends


What is success?

Adjectives describing success:

semblance of normalcy with reduced harm, seamless and integrated, habitual and normalized, personal awareness motivated, inclusive and holistic, feelings of futility amongst surveillance adversaries, normalized and distributed, commune place, connecting now dividing, sustainable and affordable, just, empowering not frightening, hella easy

Retrieved from "https://devsummit.aspirationtech.org/index.php?title=Security_tools&oldid=2127"