Your browser doesn't support impress.js. Try Chrome or Safari.
Privacy in a digital environment
By @lisapassing and @til
We are going to talk about:
- what is privacy and why it matters
- how do I protect myself
- how encryption works
What is privacy
What is privacy
Privacy is a human right.
What is privacy
Privacy is a human right.
It is the line that defines how far society can intrude our personal lives
Privacy in the course of time
Privacy in the course of time
Privacy in the course of time
Privacy in the course of time
Privacy in the course of time
personal space and private property
right to be left alone
territory and communication
relationships and own well-being
Privacy in the course of time
personal space and private property
right to be left alone
territory and communication
relationships and own well-being
personal information shared with others online and offline
Personal data defines us and our private lives
Being able to decide how this data is gathered and used is an important part of our civil rights
Why privacy matters
Why privacy matters
self censorship in your head
fundamental for democracy
no guarantee that a future government will not abuse its powers
A person under surveillance is no longer free; a
society under surveillance is no longer a democracy.
Mass surveillance treats every citizen as a
potential suspect.
- Open letter of 560 notable writers from Dec 09 2013
They who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety
- Benjamin Franklin
How do I protect my online privacy and anonymity?
Where are vulnerabilities?
Where are vulnerabilities?
Basically everywhere
Where are vulnerabilities?
Basically everywhere
Let's focus on e-mail and web browsing
the solution to our problem is
the solution to our problem is
encryption
How does encryption work?
Numeric operations
Represent text as numbers
For example with this scheme: a=1, b=2, c=3, ...
Numeric operations
Represent text as numbers
For example with this scheme: a=1, b=2, c=3, ...
apply some numeric operation
Two kinds of encryption:
Symmetric
Asymmetric
Symmetric encryption
Symmetric encryption
Secret key. Example: h=3, e=9, l=19, o=2, ...
Symmetric encryption
Secret key. Example: h=3, e=9, l=19, o=2, ...
h=8+3, e=5+9, l=12+19, o=5+2
Symmetric encryption
Secret key. Example: h=3, e=9, l=19, o=2, ...
h=8+3, e=5+9, l=12+19, o=5+2
Secret key needed to encrypt and decrypt
Asymmetric encryption
Asymmetric encryption
Public / private key pair
Asymmetric encryption
Based on crazy mathematics
Asymmetric encryption
Based on crazy mathematics
Easy to compute in one direction, hard in the other
Asymmetric encryption
Based on crazy mathematics
Easy to compute in one direction, hard in the other
RSA is the most common algorithm
but there are others, such as Elliptic Curve Cryptography
How do I encrypt my e-mail?
How do I encrypt my e-mail?
With PGP!
PGP is awesome, because:
PGP is awesome, because:
it implements asymmetric encryption for lot of things (one of them email)
it is available for all operating systems and mail clients
it is very ease to install and to use
How do I browse securely?
How do I browse securely?
With HTTPS and Tor!
HTTPS
HTTPS
is a protocol that uses encryption
HTTPS
is a protocol that uses encryption
to hide what you send
HTTPS
HTTPS
uses signed certificates
HTTPS
uses signed certificates
to make sure you can trust the server you're talking to
Tor
Tor
is a network that re-routes your traffic
Tor
is a network that re-routes your traffic
while using multiple layers of encryption to
Tor
is a network that re-routes your traffic
while using multiple layers of encryption to
hide who you are and who you're talking to
It takes some time and effort to learn the tools and to get used to them.
The good thing is you can't make mistakes or make it worse.
The good thing is you can't make mistakes or make it worse.
Because doing nothing is already the worst - so anything you do makes it better.
It's every citizen's duty and right to demand their privacy.
It's every citizen's duty and right to demand their privacy.
So we should make sure everyone has the possibility to do just that.