Trigger warning: authoritarianism, state surveillance, the Holocaust. If you want to avoid these topics, please jump to the last paragraph of this introduction, starting with ‘Enough about the depressing stuff.’
Before we start, I feel like I need to give a bit of background on why I care so deeply about privacy. It’s partly historical. Being Ashkenazi, I learnt from a very young age about the importance of sensitive information, and who you give that information to. My grandfather broke the law by not going to the police station to register himself as a Jew. The Holocaust saw 76,000 Jews deported to death camps from France alone - around 1/4th of the country’s Jewish population at the time. There’s a chance that not being part of the Jewish census saved his life. Lesson: be careful who you give sensitive information to.
My grandfather and two of his brothers left Paris in the middle of the war, and took a train south with no plan, no luggage, no contact, and no destination other than, well, heading south. They were helped by strangers and survived. Their mother however, along with two other siblings, had a plan. They had a deal with a smuggler to reach unoccupied France. The smuggler informed the Nazis, and all 3 of them died in deportation. Lesson: each person who has information on you represents an additional chance for it to be leaked.
And yes, we can raise the irony of mentioning my Jewish grandpa to warn you against sharing sensitive information online. There, I just did.
While this happened in the 1940s, a data point’s lifespan is drastically different today. It’s possible that you posted something online 10 years ago, and it was fine back then, but 20 years from now you will hope that no one finds it.
My message is: the Internet never forgets, cultures change, and retroactive laws exist. People can get screwed over because of their digital data. Let’s take the obvious example: China’s state surveillance has an eye on literally each and every move of its inhabitants, whether physical or digital. The state uses extensive data to allocate social scores, which can have a drastic impact on Chinese people’s lives, including banning them from purchasing train or plane tickets, providing them with lower Internet speed, and denying them visas and loans.
China also makes use of this surveillance system against its Uyghur population, detaining between 1 and 2 million people - the estimates vary - in concentration camps, where prisoners suffer extensively reported torture, brainwashing and forced labour.
Apart from governmental issues, there’s also the topic of pervasive tracking and ads, championed by Facebook and Google.
I’m yet to see the difference between today’s digital advertising and individually-customized mass manipulation. Maybe because there is none. Please try and change my mind if you have any conclusive elements.
Enough about the depressing stuff. I’ve explained why your privacy matters, and we’re now about to dive into a few security concepts. I wrote this article with lp1, as he knows much more about these concepts than I do. So here’s my first pro tip for you, unrelated to privacy or security: date people you admire. Now, let’s get into the technical aspects.
The CIA ‘triad’ is a summary of the main concepts of information security. There are 3 aspects of information which infosec aims to protect: confidentiality, integrity and availability.
Encryption secures data and aims to maintain its confidentiality and integrity.
We differentiate server-side from client-side encryption. Server-side means that only the information stored on the server is encrypted. The company holds the encryption key, and can therefore access your communication (yes, including your nudes). Server-side encryption also says nothing about the transmission of your communication: only the storage is encrypted, not necessarily the data in transit, which is why you should favour platforms that use https.
Client-side – or end-to-end – encryption means that your information is encrypted in transit, and that only your device has the key. If you log in from a different device, you won’t be able to see the exchanges. Since the company does not have the key, they cannot access your messages. As a result, even if they were to store your exchanges, said exchanges would already be encrypted. However, this also means that you won’t be able to recover your messages, should you lose the key.
In the case of a communication service, this means that the nudes you're sending to someone you trust are encrypted from your device to the company's server, as well as from their server to your trusted partner's device. Without encryption however, anyone on your network can see and tamper with all your communications. By 'tamper with', we mean any kind of modification by an unauthorised third party. Examples include someone changing your password and email address on a platform to take over your account, deleting your private files on a cloud file storage service, replacing software in your online backups with malware, etc.
A recent example is the July Twitter hack, during which hackers managed to read users' messages from Twitter's admin control panel.
With end-to-end encrypted DMs, no one at Twitter would have been able to access them.
A distinction has to be made between two important notions: encryption and hashing. Encrypting information means that you turn it into scrambled text which can be decoded with a key. For instance, it's useful to make sure a communication between two peers cannot be read by an unauthorized person.
Hashing a piece of data, on the other hand, means that you turn it into a unique signature which cannot be reversed into its original readable state. The only way for someone to obtain the original input from the hash output is to try inputs themselves until their output matches. Hashing is not intended as a cipher to be decrypted, which is why encryption and hashing serve different purposes and are used in different cases.
Hashing is notably useful for storing passwords, because you avoid storing the actual easy-to-steal-and-reuse passwords. Instead, you compare the hash that you store to the hash of what a user entered while trying to log in. If you get the same hash that you’ve stored, then the password is correct.
Flaws and vulnerabilities can always be found. However, the sturdier your tools, the safer you'll be. And contrary to what A-ha used to sing, it is better to be safe than sorry.
Free and open source software are specific philosophies, based on specific values. Free software specifically refers to the notion of users' freedom, which isn't the case in open-source software. As the GNU website puts it:
'To understand the concept, you should think of “free” as in “free speech,” not as in “free beer”'.
There are 4 criteria for software to be free: the freedom to run the program for any purpose, the freedom to study how it works and change it (which requires access to the source code), the freedom to redistribute copies, and the freedom to distribute your modified versions to others.
On the other hand, open-source software has a less strict definition, and a different philosophy. You can also see the source code, amongst other things.
If you want to get into the political aspect of these terminologies, here’s a good explanation.
Credential stuffing is a popular attack whose goal is to automatically test a user’s leaked credentials on multiple platforms on a large scale, betting on the fact that people reuse passwords. Nowadays, it is widely used by malicious intruders because of the online accessibility of billions of credentials gathered from data leaks (MySpace, Dailymotion, Dropbox to name some of the biggest).
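From the defending platform's side, credential stuffing looks different from a user who mistyped their password: one source tries many different accounts and mostly fails. The detector below is an added example (not code from the original article) run over a constructed log sample; the log line format and the documentation-range IP addresses are assumptions made for the demo.

```python
import re
from collections import defaultdict
from typing import Dict, List

# Added example (not the blog's own code): flagging credential stuffing in
# login logs. The line format below is a constructed assumption:
#   <timestamp> login ip=<source> user=<account> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>ok|fail)$")

# Constructed sample: 203.0.113.7 sprays five accounts and gets into one,
# 198.51.100.2 is a user mistyping once, 192.0.2.9 is a normal login.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z login ip=203.0.113.7 user=alice result=fail
2024-05-01T10:00:02Z login ip=203.0.113.7 user=bob result=fail
2024-05-01T10:00:02Z login ip=203.0.113.7 user=carol result=ok
2024-05-01T10:00:03Z login ip=203.0.113.7 user=dave result=fail
2024-05-01T10:00:03Z login ip=203.0.113.7 user=erin result=fail
2024-05-01T10:00:10Z login ip=198.51.100.2 user=alice result=fail
2024-05-01T10:00:15Z login ip=198.51.100.2 user=alice result=ok
2024-05-01T10:00:20Z login ip=192.0.2.9 user=bob result=ok
"""


def parse_log(text: str) -> List[dict]:
    """Turn log text into event dicts, skipping lines that do not match."""
    return [m.groupdict() for m in map(LINE_RE.match, text.splitlines()) if m]


def find_stuffing_sources(events: List[dict], min_accounts: int = 5,
                          min_fail_ratio: float = 0.6) -> Dict[str, dict]:
    """Flag sources hitting many different accounts with mostly failures;
    accounts such a source did enter are listed so they can be reset."""
    per_ip = defaultdict(lambda: {"users": set(), "ok": set(), "tries": 0, "fails": 0})
    for e in events:
        s = per_ip[e["ip"]]
        s["users"].add(e["user"])
        s["tries"] += 1
        if e["result"] == "fail":
            s["fails"] += 1
        else:
            s["ok"].add(e["user"])  # a reused leaked password that worked
    flagged = {}
    for ip, s in per_ip.items():
        ratio = s["fails"] / s["tries"]
        if len(s["users"]) >= min_accounts and ratio >= min_fail_ratio:
            flagged[ip] = {"accounts_tried": len(s["users"]),
                           "fail_ratio": round(ratio, 2),
                           "accounts_entered": sorted(s["ok"])}
    return flagged
```

On the sample, only 203.0.113.7 is flagged, and the account it did get into is the one whose owner should be told to change a reused password.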
And there you have it, a roundup of the main security concepts. Feel free to reach out to lp1 or me on Twitter. Part 2 will be available next week, with a list of the privacy and security tools we frequently use and recommend.
If you’re looking for a UX researcher or UX designer to work in the privacy and security sphere, I’d love to have a chat with you! You can find me on Twitter or contact me via my website.
Previously published at https://thistooshallgrow.com/blog/privacy-security-roundup