Digital tools to empower civil society

Digital tools to empower civil society Tools to secure what you have and circumvent what they have. Grundtvig partnership meeting Linz 2013 Jonatan Walck jonatan@juliagruppen.se OpenPGP: CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA7 2013-06-11 09:00 UTC+1

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

DPI A group of technologies (general trend) New usages, enabler of what to come

DPI: Briefly Name derived from OSI model Content -aware networking equipment Filtering based on Usage patterns Behavours... Targeted, not only blanket blocks/monitors

DPI: Example Alice (HTTP) Alice (HTTP) Network hardware (L 1-3) Mallory (HTTP) Bob (HTTP) Bob (HTTP)

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Blocking: Definition Blocking, bandwidth limiting, hindering Including DNS-blocking

Blocking: Examples Iran: During 2009 elections Syria: Targeted slowdowns Turkey: Youtube, protests? Sweden+Denmark: Child abuse images Most of Europe: Copyright

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Monitoring: Definition Passively reading what passes on the wire without any interaction. non-dpi: Who s talking to who? DPI: Who s saying what to who, in what context?

Monitoring: Examples Lawful interception (wiretapping) Syria (DPI) Sweden (FRA, military radio surveillance)

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Circumvention: Tools Darknets (TOR, I2P, Freenet...) Web proxies Tunnels

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Encryption: Letting math fight for you HTTP HTTPS TLS (and SSL)

Encryption: Tools to make life simple HTTPS Everywhere Browser extension from EFF (https://www.eff.org/https-everywhere) Certificate patrol Browser extension (for advanced users) OTR (Off The Record) Extension to chat protocols (Jabber/XMPP, gtalk, skype, msn, icq, aim...)

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Encryption: Use it anyway, but make it less needed Regulation of dual-use technologies Export restrictions Track those that track.. yet there s always the risk of a man in the middle.

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Tools: CMS security Know your tools characteristics (Wordpress, PHP, CGI) Know your host Convenience vs. security

The Julia group / Juliagruppen Threats: Blocking, monitoring, DPI Deep Packet Inspection Blocking of traffic Monitoring of traffic Solutions: Circumvention, encryption Circumvention of blocking Encrypt everything... and just make them stop. Tools: Empowering civil society Spreading information Tracking legislation

Tools: European Union EU-wiki (http://euwiki.org/) Parltrack (http://parltrack.euwiki.org/) Oeil (http://www.europarl.europa.eu/oeil/) AT4AM (http://www.at4am.org/)

Discussion Threats? (Blocking/monitoring/interventions) Solutions? (Circumvention) Helping hands? (Tools) jonatan@juliagruppen.se / +46 709 58 38 17 0x460D7FA7, CB5D DDA5 62AA D885 B3EB 09E7 5C20 F62F 460D 7FA7