Getting a handle on privacy and security

Transcript

1. Thursday, 28 June, 12

2. Getting a handle on Privacy and Security Thursday, 28 June,

   12

3. How well do you understand Privacy and Security? "Knowledge is

   power, if you know it about the right person." - Erastus Flavel Beadle Thursday, 28 June, 12

4. Profile of a User •Blogs (a little) •Avid Facebook user

   •Sells workshops online •Using computers as long as some of you have been alive •Lives with a relatively knowledgable tech nerd •Loves her Mac Air and iPhone •possibly more than me Thursday, 28 June, 12

5. Profile of a User •Cookies? Mmmm •What’s tracking? •HTTPS? That’s

   what I have you for •Privacy Policies? Aren’t they all the same? •I keep my passwords in my address book, is that bad? •Is this something I’m supposed to know? Thursday, 28 June, 12

6. How much should people be expected to know? "I am

   not ashamed to confess that I am ignorant of what I do not know." - Marcus Tullius Cicero Thursday, 28 June, 12

7. How do you communicate Privacy? Thursday, 28 June, 12

8. We can do more to help people make decisions that

   are right for them "The more you know, the less you understand." - Tao Le Ching Thursday, 28 June, 12

9. So what have we done? Thursday, 28 June, 12

10. DNT: Do Not Track •user opt-out of 3rd party tracking

    •industry opt-in notification •alone, does not solve tracking •does not help users otherwise identify and stop tracking source: freefoto.com Thursday, 28 June, 12

11. DNT: Do Not Track •W3C technical bits defined •Process issues

    •what is tracking? •what happens when you see header? source: freefoto.com Thursday, 28 June, 12

12. Collusion •Mozilla and Ford Foundation working together •educate users about

    tracking •experimental addon •real-time tracking information •helps users identify tracking •will help users opt-in to tracking •my opinion, UI is still too techy Thursday, 28 June, 12

13. demo Thursday, 28 June, 12

14. Personas aka BrowserID •secure verified authentication without passwords •use it,

    it’s awesome •forward looking solution for identity management •does not solve existing password management •demo later Thursday, 28 June, 12

15. Watchdog •experimental work •examine your passwords •duplicates, age, similarity, strength

    •show you problem areas •help you choose good passwords •not yet built for normal users •demo Thursday, 28 June, 12

16. demo Thursday, 28 June, 12

17. Web Activities •Lots of ways to cook an egg •User

    Agent mediates •Inherently private •Users have control •Services have control Thursday, 28 June, 12

18. demo Thursday, 28 June, 12

19. SocialAPI •Integrate Social content in browser •User Agent mediates •Inherently

    private •Possibly promiscuous •Users have control •Services have control Thursday, 28 June, 12

20. demo Thursday, 28 June, 12

21. Lots of problems to solve, Here’s one unrealistic crazy idea...

    Thursday, 28 June, 12

22. Privacy Icons? Thursday, 28 June, 12

23. Why not this? Thursday, 28 June, 12

24. Privacy Dating Game •in-browser privacy behavioural questionnaire, similar to match.com

    •creates user privacy profile •matches that profile to preferences •Simple UI indicators based on MY profile A single icon that reflects my privacy preferences Thursday, 28 June, 12

25. Crazy Ideas Welcome Thursday, 28 June, 12

26. Other ideas and problems •Cookie management •Password management •W3C Privacy

    Dashboard •authorized addon •cookie jars •etc. etc. https://wiki.mozilla.org/Privacy Get Involved, many items on the privacy roadmaps need help. Thursday, 28 June, 12

27. Users should expect their User Agent to be a User

    Agent. Thursday, 28 June, 12

28. "Never fail to know that if you are doing all

    the talking, you are boring somebody." - Helen Gurley Brown Questions and Comments Welcome Thursday, 28 June, 12

29. https://wiki.mozilla.org/Privacy http://blog.mozilla.com/privacy/ http://mozillalabs.com/ irc: #labs #privacy #identity Shane Caraveo Mozilla

    Lab Rat, Privacy Friend, Instigator Vancouver, Canada [email protected] "I don't even know what street Canada is on." - Al Capone Thursday, 28 June, 12