Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Digital Security & Privacy. What is anonymity and why does it matter?

Arturo Filastò
October 15, 2019
Technology
0
52

Digital Security & Privacy. What is anonymity and why does it matter?

Arturo Filastò

October 15, 2019
Tweet

More Decks by Arturo Filastò

See All by Arturo Filastò
Digital Security for Journalists
hellais
0
54
C'è più censura di quello che pensi
hellais
1
160
Digital Whistleblowing With GlobaLeaks
hellais
0
70
OONI: Open Observatory of Network Interference
hellais
0
120
Hack.lu 2012
hellais
1
110
OONI MOCA 2012
hellais
1
82
OONI and Daphn3
hellais
1
420
Tor and Censorship 2012
hellais
2
97

Other Decks in Technology

See All in Technology
20分で完全に理解するGrafanaダッシュボード
hamadakoji
3
670
Cracking the KubeCon CfP
inductor
2
250
家族アルバム みてねにおけるGrafana活用術 / Grafana Meetup Japan Vol.1 LT
isaoshimizu
1
770
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
2.1k
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
900
LayerXにおけるLLMプロダクト開発の今までとこれから
layerx
PRO
1
380
LLM開発・活用の舞台裏@2024.04.25
yushin_n
1
360
DMM.com アルファ室採用案内資料
hsugita
1
160
チームでロジカルシンキングに改めて向き合っている話 〜学習環境と実践⽅法〜
sansantech
PRO
3
2.7k
反実仮想機械学習とは何か
usaito
PRO
11
4.7k
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
6
780
検証を通して見えてきたTiDBの性能特性
lycorptech_jp
PRO
6
3.8k

Featured

See All Featured
WebSockets: Embracing the real-time Web
robhawkes
59
7k
Art, The Web, and Tiny UX
lynnandtonic
289
19k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
187
16k
What's new in Ruby 2.0
geeforr
337
31k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
221
21k
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
[RailsConf 2023] Rails as a piece of cake
palkan
23
4k
Designing with Data
zakiwarfel
96
4.8k
Atom: Resistance is Futile
akmur
259
25k
Agile that works and the tools we love
rasmusluckow
325
20k
The Cost Of JavaScript in 2023
addyosmani
16
3.9k

Transcript

  1. Digital Security & Privacy What is anonymity and why does

    it matter? Arturo Filastò - WFP@Rome, 15th October 2019

  2. Who am I? • 10+ years working in security, privacy

    & software development • Involved since early 2000s in the Italian hacker scene • Volunteering with the Tor Project since 2010 • One the creators of the GlobaLeaks whistleblowing platform in 2011 • Founded the Hermes Center for Digital Human Rights in 2012 and served as vice-president • Created OONI, the Open Observatory of Network Interference in 2012 and still working on this
  3. None

  4. Digital security 101 • It’s a process • One size

    doesn’t fit all • There will always be some tradeoffs
  5. None

  6. Threat Model • What do you have to keep private

    (Assets)? • Who has interest in compromising you and what can they do (Adversary Capabilities)? • What happens if you are compromised (Impact)?

  7. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

  8. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  9. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  10. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  11. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! Encryption is about protecting the content of the communication

  12. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00!

  13. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! love, Alice Authentication is about understanding who is who

  14. https://myshadow.org/resources

  15. • Data in motion is a means of communicating with

    other people or network devices • Data at rest is a means of communicating with yourself over time

  16. “We kill people based on metadata” - Gen. Micheal Hayden

    Former head of the NSA
  17. None

  18. Evaluating tools • Is it open source or is it

    proprietary? • Does it have a threat model? • What is the business model of the company which owns the service? • What are the terms of service?

  19. Privacy by design vs Privacy by policy

  20. Alice Bob Eve Don’t tell anyone we are friends! Anonymity

  21. Alice Bob Eve

  22. Tor is private by design! • Public design document and

    specifications • Open Source free software • The network is run by volunteers • Attacks have been published and fixed • You don’t have to trust us!

  23. Onion Services • It’s like Tor, but for services •

    Self authenticated • End-to-end encrypted
  24. None
  25. None
  26. None

  27. What next? Try out these apps! https://torproject.org Learn more! https://securityinabox.org

    https://ssd.eff.org Contact me arturo@filasto.net @hellais