Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Digital Security & Privacy. What is anonymity a...

Arturo Filastò
October 15, 2019
Technology
0
72

Digital Security & Privacy. What is anonymity and why does it matter?

Arturo Filastò

October 15, 2019
Tweet

More Decks by Arturo Filastò

See All by Arturo Filastò
Digital Security for Journalists
hellais
0
57
C'è più censura di quello che pensi
hellais
1
170
Digital Whistleblowing With GlobaLeaks
hellais
0
70
OONI: Open Observatory of Network Interference
hellais
0
130
Hack.lu 2012
hellais
1
110
OONI MOCA 2012
hellais
1
85
OONI and Daphn3
hellais
1
500
Tor and Censorship 2012
hellais
2
100

Other Decks in Technology

See All in Technology
"とにかくやってみる"で始めるAWS Security Hub
maimyyym
2
100
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310
IBC 2024 動画技術関連レポート / IBC 2024 Report
cyberagentdevelopers
PRO
1
120
VideoMamba: State Space Model for Efficient Video Understanding
chou500
0
200
RubyのWebアプリケーションを50倍速くする方法 / How to Make a Ruby Web Application 50 Times Faster
hogelog
3
950
エンジニア人生の拡張性を高める 「探索型キャリア設計」の提案
tenshoku_draft
1
130
Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024
akexorcist
0
130
Security-JAWS【第35回】勉強会クラウドにおけるマルウェアやコンテンツ改ざんへの対策
4su_para
0
190
Adopting Jetpack Compose in Your Existing Project - GDG DevFest Bangkok 2024
akexorcist
0
120
SSMRunbook作成の勘所_20241120
koichiotomo
3
170
Mastering Quickfix
daisuzu
1
260
SDNという名のデータプレーンプログラミングの歴史
ebiken
PRO
2
160

Featured

See All Featured
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.7k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
Building Applications with DynamoDB
mza
90
6.1k
Ruby is Unlike a Banana
tanoku
97
11k
Thoughts on Productivity
jonyablonski
67
4.3k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.2k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Happy Clients
brianwarren
98
6.7k

Transcript

  1. Digital Security & Privacy What is anonymity and why does

    it matter? Arturo Filastò - WFP@Rome, 15th October 2019

  2. Who am I? • 10+ years working in security, privacy

    & software development • Involved since early 2000s in the Italian hacker scene • Volunteering with the Tor Project since 2010 • One the creators of the GlobaLeaks whistleblowing platform in 2011 • Founded the Hermes Center for Digital Human Rights in 2012 and served as vice-president • Created OONI, the Open Observatory of Network Interference in 2012 and still working on this
  3. None

  4. Digital security 101 • It’s a process • One size

    doesn’t fit all • There will always be some tradeoffs
  5. None

  6. Threat Model • What do you have to keep private

    (Assets)? • Who has interest in compromising you and what can they do (Adversary Capabilities)? • What happens if you are compromised (Impact)?

  7. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

  8. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  9. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  10. Alice Bob Let’s meet in Piazza del Popolo at 11:00!

    Eve

  11. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! Encryption is about protecting the content of the communication

  12. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00!

  13. Alice Bob Eve Let’s meet in Piazza del Popolo at

    11:00! love, Alice Authentication is about understanding who is who

  14. https://myshadow.org/resources

  15. • Data in motion is a means of communicating with

    other people or network devices • Data at rest is a means of communicating with yourself over time

  16. “We kill people based on metadata” - Gen. Micheal Hayden

    Former head of the NSA
  17. None

  18. Evaluating tools • Is it open source or is it

    proprietary? • Does it have a threat model? • What is the business model of the company which owns the service? • What are the terms of service?

  19. Privacy by design vs Privacy by policy

  20. Alice Bob Eve Don’t tell anyone we are friends! Anonymity

  21. Alice Bob Eve

  22. Tor is private by design! • Public design document and

    specifications • Open Source free software • The network is run by volunteers • Attacks have been published and fixed • You don’t have to trust us!

  23. Onion Services • It’s like Tor, but for services •

    Self authenticated • End-to-end encrypted
  24. None
  25. None
  26. None

  27. What next? Try out these apps! https://torproject.org Learn more! https://securityinabox.org

    https://ssd.eff.org Contact me arturo@filasto.net @hellais