Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Digital Security & Privacy. What is anonymity a...

Arturo Filastò
October 15, 2019
Technology
0
70

Digital Security & Privacy. What is anonymity and why does it matter?

Arturo Filastò

October 15, 2019
Tweet

More Decks by Arturo Filastò

See All by Arturo Filastò
Digital Security for Journalists
hellais
0
57
C'è più censura di quello che pensi
hellais
1
170
Digital Whistleblowing With GlobaLeaks
hellais
0
70
OONI: Open Observatory of Network Interference
hellais
0
130
Hack.lu 2012
hellais
1
110
OONI MOCA 2012
hellais
1
83
OONI and Daphn3
hellais
1
490
Tor and Censorship 2012
hellais
2
99

Other Decks in Technology

See All in Technology
AWS CDKでデータリストアの運用、どのように設計する?~Aurora・EFSの実践事例を紹介~/aws-cdk-data-restore-aurora-efs
mhrtech
4
710
カメラを用いた店内計測におけるオプトインの仕組みの実現 / ai-optin-camera
cyberagentdevelopers
PRO
1
130
AWS re:Invent 2024 Kansai Standby
hiroramos4
PRO
0
110
コンテンツを支える 若手ゲームクリエイターの アートディレクションの事例紹介 / cagamefi-game
cyberagentdevelopers
PRO
1
140
Datachain会社紹介資料(2024年11月) / Company Deck
datachain
4
16k
「 SharePoint 難しい」ってよく聞くけど、そんなに言うなら8歳の息子に試してもらった
taichinakamura
2
740
SNSマーケティングに革新! ABEMA サッカー動画切り出しを生成AIで自動化し、業務効率化を狙う! / abema-ai-marketing
cyberagentdevelopers
PRO
1
110
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
27
12k
CyberAgent 生成AI Deep Dive with Amazon Web Services / genai-aws
cyberagentdevelopers
PRO
1
500
スプリントゴールにチームの状態も設定する背景とその効果 / Team state in sprint goals why and impact
kakehashi
2
120
生成AIの強みと弱みを理解して、生成AIがもたらすパワーをプロダクトの価値へ繋げるために実践したこと / advance-ai-generating
cyberagentdevelopers
PRO
1
200
君は隠しイベントを見つけれるか?
mujyun
0
360

Featured

See All Featured
Build The Right Thing And Hit Your Dates
maggiecrowley
32
2.4k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Building Your Own Lightsaber
phodgson
102
6.1k
Docker and Python
trallard
40
3.1k
4 Signs Your Business is Dying
shpigford
180
21k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
43
6.6k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Learning to Love Humans: Emotional Interface Design
aarron
272
40k
How to Think Like a Performance Engineer
csswizardry
19
1.1k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
320
Rebuilding a faster, lazier Slack
samanthasiow
79
8.6k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
355
29k

Transcript

  1. Digital Security & Privacy What is anonymity and why does

    it matter? Arturo Filastò - WFP@Rome, 15th October 2019

  2. Who am I? • 10+ years working in security, privacy

    & software development • Involved since early 2000s in the Italian hacker scene • Volunteering with the Tor Project since 2010 • One the creators of the GlobaLeaks whistleblowing platform in 2011 • Founded the Hermes Center for Digital Human Rights in 2012 and served as vice-president • Created OONI, the Open Observatory of Network Interference in 2012 and still working on this
  3. None

  4. Digital security 101 • It’s a process • One size

    doesn’t fit all • There will always be some tradeoffs
  5. None

  6. Threat Model • What do you have to keep private

    (Assets)? • Who has interest in compromising you and what can they do (Adversary Capabilities)? • What happens if you are compromised (Impact)?

  7. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

  8. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  9. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  10. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  11. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! Encryption is about protecting the content of the communication

  12. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00!

  13. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! love, Alice Authentication is about understanding who is who

  14. https://myshadow.org/resources

  15. • Data in motion is a means of communicating with

    other people or network devices • Data at rest is a means of communicating with yourself over time

  16. “We kill people based on metadata” - Gen. Micheal Hayden

    Former head of the NSA
  17. None

  18. Evaluating tools • Is it open source or is it

    proprietary? • Does it have a threat model? • What is the business model of the company which owns the service? • What are the terms of service?

  19. Privacy by design vs Privacy by policy

  20. Alice Bob Eve Don’t tell anyone we are friends! Anonymity

  21. Alice Bob Eve

  22. Tor is private by design! • Public design document and

    specifications • Open Source free software • The network is run by volunteers • Attacks have been published and fixed • You don’t have to trust us!

  23. Onion Services • It’s like Tor, but for services •

    Self authenticated • End-to-end encrypted
  24. None
  25. None
  26. None

  27. What next? Try out these apps! https://torproject.org Learn more! https://securityinabox.org

    https://ssd.eff.org Contact me arturo@filasto.net @hellais