Digital tools to empower civil society

Transcription

1 Digital tools to empower civil society Tools to secure what you have and circumvent what they have. Grundtvig partnership meeting Linz 2013 Jonatan Walck OpenPGP: CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA :00 UTC+1

2 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

3 DPI A group of technologies (general trend) New usages, enabler of what to come

4 DPI: Briefly Name derived from OSI model Content -aware networking equipment Filtering based on Usage patterns Behavours... Targeted, not only blanket blocks/monitors

5 DPI: Example Alice (HTTP) Alice (HTTP) Network hardware (L 1-3) Mallory (HTTP) Bob (HTTP) Bob (HTTP)

6 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

7 Blocking: Definition Blocking, bandwidth limiting, hindering Including DNS-blocking

8 Blocking: Examples Iran: During 2009 elections Syria: Targeted slowdowns Turkey: Youtube, protests? Sweden+Denmark: Child abuse images Most of Europe: Copyright

9 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

10 Monitoring: Definition Passively reading what passes on the wire without any interaction. non-dpi: Who s talking to who? DPI: Who s saying what to who, in what context?

11 Monitoring: Examples Lawful interception (wiretapping) Syria (DPI) Sweden (FRA, military radio surveillance)

12 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

13 Circumvention: Tools Darknets (TOR, I2P, Freenet...) Web proxies Tunnels

14 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

15 Encryption: Letting math fight for you HTTP HTTPS TLS (and SSL)

16 Encryption: Tools to make life simple HTTPS Everywhere Browser extension from EFF ( Certificate patrol Browser extension (for advanced users) OTR (Off The Record) Extension to chat protocols (Jabber/XMPP, gtalk, skype, msn, icq, aim...)

17 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

18 Encryption: Use it anyway, but make it less needed Regulation of dual-use technologies Export restrictions Track those that track.. yet there s always the risk of a man in the middle.

19 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

20 Tools: CMS security Know your tools characteristics (Wordpress, PHP, CGI) Know your host Convenience vs. security

21 The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

22 Tools: European Union EU-wiki ( Parltrack ( Oeil ( AT4AM (

23 Discussion Threats? (Blocking/monitoring/interventions) Solutions? (Circumvention) Helping hands? (Tools) / x460D7FA7, CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA7