Panchayath circular KLC -Panchayath raj act s 169, 218
Digi securitypres
1. Digital Risks
and Security for Activists
eCampaigning Forum
Future Forum
April 11th, 2014
Dirk Slater
FabRiders- www.fabrider.net
@fabrider
2.
3. Evolution of Information Security
Stuff that makes us vulnerable
The Problem with Online Services and Security
Tools
Frameworks for Information Security
Responsibility of Data Collectors
Some tools and resources
Today
4. A personal look at protecting information
The rise of the relational database
Evolution of Information
Security
5. Stuff that makes us
Vulnerable
• Email
• Search engines
• Web browsers
• Cloud services
• VoIP comms
• Social networking
• (i.e. everything we do on the internet)
11. The problem with
security tools
They are often counter-intuitive
and not in the reach of mere mortals
They often arise suspicion
It's an arms race
12. Information about us is shared everywhere
Online Services are completely insecure and are
making money off the information they are collecting
Security tools are problematic
So?
17. What is the threat?
• Confidentiality is keeping assets or knowledge about assets away
from unauthorized parties.
• Integrity is keeping assets undamaged and unaltered.
• Availability is the assurance that assets are available to parties
authorized to use them.
• Consistency is when assets behave and work as expected, all the
time.
• Control is the regulation of access to assets.
• Audit is the ability to verify that assets are secure.
18. What is the Risk?
The Likelihood of a Threat Actually Occurring:
• Confidentiality
• Integrity
• Availability
• Consi
• stency
• Control
• Verification
20. Responsibility of
Data Collection
• Do you have consent?
• Do people understand how you are
going to use the data?
• Do people understand the risks?
21. Five Questions About
Security Solutions*
What assets are you trying to protect?
What are the risks to those assets?
How well does the security solution mitigate
those risks?
What other risks does the security solution
cause?
What costs and trade-offs does the security
solution impose?
* from Bruce Shneier's book 'Beyond Fear'
22. Password Managers
PGP (email encryption)
TOR
The Guardian Project (TOR for
Android)
Security Tools to Consider
23. What are the assets, risks, & threats?
Be responsible in your data collection
Consider using security tools after you’ve assessed
their impact
Remember
24. EFF’s Surveillance Self Defense -
https://ssd.eff.org/risk
Tactical Tech’s Protect Program –
https://protect.tacticaltech.org/
Me and My Shadow https://myshadow.org/#
Article 19’s Online Protection
Videoshttp://www.article19.org/online-protection/
Resources