Presentation PDF
TL;DR - Shorter, DIY Version
Why Privacy Matters
It's not about "having something to hide"
Snowden Documents
Major takeaways:
In 2016, we learned Yahoo! had new spy software for the NSA. At
least 1.5 billion accounts were also breached in separate
incidents.
Good News
More privacy software, easier to use than in 2013
6. Centralization is dangerous.
What about iPhones, WhatsApp, Facebook?
Apple knows who you talk to, even when they don't know
what you say to them.
Jitsi Meet
Secure Audio/Video Chat
Let's name a new room at https://meet.jit.si
...this chat room will self‐destruct when everyone leaves.
Peer-to-Peer
Password-protected rooms,
no user limit, screen sharing
Jabber (XMPP) is the basis for most IM (Google Chat etc.) but
you need a trusted service provider. Try DuckDuckGo XMPP,
or join Riseup, MayFirst, or the Free Software Foundation.
Use Pidgin (Windows & Linux) and Adium (Mac) with XMPP.
Check the settings and make sure you're not logging chats.
Set up OTR for truly private XMPP. Follow this OTR guide
Picking Ain't Easy
Start by eliminating proprietary software
and services with advertisements.
Better Browsing
Browser Warning!
We'll focus on Firefox (and PureBrowser
variant). Mozilla values privacy & has a solid record.
Why not Google Chrome? Most of the following tips will also
work on Chrome & Chromium (100% FOSS version). Chrome
contains proprietary code, has serious privacy issues, and
reports back to Google several ways even if you try to opt out.
Breaking Ads
Try these addons & tweak the settings.
How to install | How to remove addons
Demonstration:
Try out
Use TBB for the "normal" Web and the Deep Web.
Sharing Is Caring
...but love is a battlefield. Practice safe sharing.
Dropbox-like solutions:
SparkleShare | SpiderOak (some parts proprietary)
Demonstration:
"The Amnesiac Incognito Live System"
Tails
Tails is the Tor operating system
Follow the Tails Installation Assistant
What Can the "Average User" Do?
Try GNU/Linux, a popular & friendly family of FOSS
operating systems. Tails is only one member of this
family, and may not fit your threat model.
What is "Linux"?
"Linux" explained, in four minutes.
The GNU/Linux Distro For You
Finding a ROM
ROMs in the modding community are
loosely equivalent to distros / firmware.
Got r00t?
Rooting a device means getting superuser / sysadmin
access. It's a Unix-y term for full control of a system.
Apps
1. Install F-Droid, the FOSS app store for Android.
You may have to "allow unknown sources".
3. Install Orbot & Orfox, Tor and Tor Browser for Android.
5. Look for other E2EE apps around the Web like Signal.
What about my Router?
Your gateway to the Internet may be
insecure. Default router / modem firmware has many
vulnerabilities and is often under attack.
Encrypt Your Storage
Encryption works, but is only as good as the
implementation. FBI had a hard time getting
into that iPhone. If they tried, Apple could get
in more easily.
E-mail is an easy target
E-mail is often sent and received insecurely, yet
users treat it as a secure channel.
Inboxes are utilized for personal data storage.
Weak passwords & password sharing are common, especially
under work pressure.
Junk/spam filters play a cat-and-mouse game.
Phishing scams are increasingly sophisticated.
Don't assume spies are too cool for phishing. Malware sent
via e-mail is a common tactic.
Demonstration:
Up and running with
Encrypted E-mail
The Road to Private Webmail
Create a Tutanota account. Use Tor Browser if you can.
Tutanota & Protonmail are not as flexible or popular as GPG. They work
best if everyone uses the same webmail provider.
GPG guide by anon108
Uploaded Jan. 6, 2013. Can you name the voice?
You Down with PGP? Yeah, GnuPG!
Download Thunderbird
Avoid Web Publishing Traps
Sharing isn't just about conversations.
The Web is for publishing World Wide.
Avoid walled gardens with total surveillance like Facebook. Replace them
with federated social networks.
Secure Comms Strategy
Make a plan and stick to it.
The Only Constant Is Change! Try new software, keep up on tech news &
potential threats, and re-evaluate over time.
Resources
Free Software Foundation: fsf.org
Tor Project: torproject.org
Electronic Frontier Foundation: eff.org
Digital Security For Journalists
Screenshot of Jitsi Meet with Animal and Kermit from The Muppets
"See no, Hear no, Speak no" penguins, Crystal Icons by Everaldo Coelho, GNU
LGPLv2 or later
Tux the penguin as Neo from The Matrix, Crystal Icons by Everaldo Coelho, GNU
LGPLv2 or later
Android plus F-Droid screenshot, Sean O'Brien, CC BY-SA 4.0 or GNU GPLv3 or
later
F-Droid logo, William Theaker, Robert Martinez, and Andrew Nayenko, CC BY-SA
3.0 or GNU GPLv3 or later
Sources (continued)
"Tor and HTTPS" diagram, Electronic Frontier Foundation, CC BY 3.0