• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
PBU-Blocking_Your_Metadata
 

PBU-Blocking_Your_Metadata

on

  • 217 views

http://prismbreakup.org/#/schedule/blocking-your-metadata ...

http://prismbreakup.org/#/schedule/blocking-your-metadata
This workshop will be a roundtable discussion and tutorials on a few ways to limit your metadata trail. Before relying on proprietary services, we will investigate their known alternatives:

Email: Google vs. Zarafa

Digital e-storage: Dropbox vs. SpiderOak

Online Voice Communication: Skype vs. Jitsi/Pidgin OTR

Android: cyanogenmod/replicant OS

Attendees should come prepared to contribute, with laptops in hand.

Statistics

Views

Total Views
217
Views on SlideShare
217
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    PBU-Blocking_Your_Metadata PBU-Blocking_Your_Metadata Presentation Transcript

    • Encrypt your MetaData Prism Breakup Eyebeam Gabriella Levine Gabriellalevine.com | gabriella.levine@gmail.com Sunday, October 6, 13
    • http://goo.gl/yxS0Z3 Sunday, October 6, 13
    • 1. What does Metadata look like? 2. cryptographic protocols 3. See what’s happening on your network 4. Some ways to block your data 1 hour Sunday, October 6, 13
    • 1. Delete cookies 2. Alternate Web Browser & Online Storage 3. Your Documents (text, images...) 4. Chat / Skype / Twitter / Facebook / SMS 5. VPN / Little Snitch Protect your metadata. Sunday, October 6, 13
    • Sunday, October 6, 13
    • Data about Data... “electronic DNA” What is MetaData? Sunday, October 6, 13
    • Where does it come from? Sunday, October 6, 13
    • 1. In the “cloud” 2. On the client’s server 3. On your local machine (cookies) 4. The client’s client’s server ...where else? Where is it kept? Sunday, October 6, 13
    • NSA data centers Sunday, October 6, 13
    • Bluffdale, Utah Sunday, October 6, 13
    • NISO categories of metadata: Structural, Descriptive, Administrative Markup Languages : syntax to express metadata Different syntaxes: XML, HTML, JSON, RDF, plain text... MetaData Syntax Sunday, October 6, 13
    • ISO - endorsed Dublin Core 1. Title 2. Creator 3. Subject 4. Description 5. Publisher 6. Contributor 7. Date 8. Type 9. Format 10.Identifier 11.Source 12.Language 13.Relation 14.Coverage 15.Rights MetaData Standards Sunday, October 6, 13
    • What does it look like? Sunday, October 6, 13
    • Twitter Sunday, October 6, 13
    • Email Sunday, October 6, 13
    • Cookies? Sunday, October 6, 13
    • First party cookies Third party cookies What are cookies? Sunday, October 6, 13
    • Where is it stored? Sunday, October 6, 13
    • How does it get there? Sunday, October 6, 13
    • How to see my cookies? Sunday, October 6, 13
    • chrome://settings/cookies Sunday, October 6, 13
    • chrome://settings/cookies Sunday, October 6, 13
    • chrome://settings/cookies Sunday, October 6, 13
    • - Track how many people visit a website - Store Login / password info - E-Commerce sites store customer preferences - Easy checkout info - Sell your cookie info to telemarketers - Sell statistics ...all based on info you’ve input to an form online What with my cookies? Sunday, October 6, 13
    • Cookies across multiple sites? Sunday, October 6, 13
    • ⌘-shift-N Doesn’t store cookies to your local disk Metadata is still stored on the client’s site Chrome Incognito? Sunday, October 6, 13
    • Downsides? -passwords -preferences -autocomplete ... Delete cookies Sunday, October 6, 13
    • How does it effect me? Sunday, October 6, 13
    • Advertisements (AdSense) Sunday, October 6, 13
    • Advertisements Sunday, October 6, 13
    • Advertisements Sunday, October 6, 13
    • Advertisements Sunday, October 6, 13
    • how else...? Airline flights? Sunday, October 6, 13
    • -Communication protocol over a network -HTTPS vs. HTTP -HTTP sends data as plain text -HTTPS encrypts data with SSL (secure socket layer) -HTTPS layers HTTP on top of SSL / TLS Security Certificates Sunday, October 6, 13
    • -Perform authentications -Encrypt communications -Uses a certificate -CA (certificate authority) has a private key used to sign other certificates -CA resources : Thawte, Verisign... -Free ones: CAcert, StartSSL, godaddy.com ... SSL : Secure Socket Layer Sunday, October 6, 13
    • - SSL Certificates have a key pair: a public and a private key. - These keys work together to establish an encrypted connection. - RSA: an algorithm for public key encryption RSA encryption Sunday, October 6, 13
    • Public key encryption Sunday, October 6, 13
    • Security certificate not trusted Sunday, October 6, 13
    • Anyone can create a key pair Verisign makes DIGITAL CERTIFICATES, by signing public keys This certificate is seen by my browser, which has a list of trusted providers Trusted providers vs. not trusted providers (selfsigned) Verisign is expensive ($1000) Value = Trustworthiness Sunday, October 6, 13
    • in Adium: View Certificate Sunday, October 6, 13
    • in Adium: View Certificate Sunday, October 6, 13
    • in Adium: View Certificate Sunday, October 6, 13
    • in Adium: View Certificate Sunday, October 6, 13
    • HTTPS everywhere Sunday, October 6, 13
    • HTTPS everywhere Sunday, October 6, 13
    • HTTPS everywhere Sunday, October 6, 13
    • IP address to identify your general location “We may also select advertising based on information about your computer or device, such as your device model, browser type, or sensors in your device like the accelerometer.” http://www.google.com/policies/technologies/ads/ Metadata that is tracked Sunday, October 6, 13
    • Some cool diagnostic tools Sunday, October 6, 13
    • IP Lookup: whatismyipaddress.com Sunday, October 6, 13
    • whatismyipaddress.com/ip-lookup Sunday, October 6, 13
    • Little Snitch Sunday, October 6, 13
    • Little Snitch Network Monitor Sunday, October 6, 13
    • Little Snitch Configuration Sunday, October 6, 13
    • WireShark: what’s on your network? Sunday, October 6, 13
    • 1. Delete cookies 2. Alternate Web Browser & Online Storage 3. Your Documents (text, images...) 4. Chat / Skype / Twitter / Facebook / SMS 5. VPN / Little Snitch Protect your metadata. Sunday, October 6, 13
    • 1. Firewall - protect your computer from data from the internet) 2. VPN (virtual private network - protect your data on the internet) 3. Little Snitch (protects your private data from being sent out) Shields Sunday, October 6, 13
    • Firewall Sunday, October 6, 13
    • http://www.engadget.com/2006/05/30/ how-to-build-your-own-network-firewall/ Firewall Sunday, October 6, 13
    • VPN: Hotspot Shield Sunday, October 6, 13
    • Hotspot Shield: IP Hider Mask Sunday, October 6, 13
    • Hotspot Shield: IP Hider Mask Sunday, October 6, 13
    • Little Snitch Sunday, October 6, 13
    • SpiderOak Alternate Online Storage Sunday, October 6, 13
    • Spideroak.com Sunday, October 6, 13
    • Tor (free software for enabling online anonymity through a network) Duck Duck Go (an anonymous internet search engine) Project Meshnet + cjdns (an encrypted network, with the goal of a sustainable decentralized alternative internet) HyperBoria + cjdns (a global decentralized network, alternative internet) Alternate Browsers & Networks Sunday, October 6, 13
    • duckduckgo.com Sunday, October 6, 13
    • Tor Sunday, October 6, 13
    • Tor Sunday, October 6, 13
    • Project Meshnet Sunday, October 6, 13
    • Hyperboria.net Sunday, October 6, 13
    • cjdns.info Sunday, October 6, 13
    • evbogue.com Sunday, October 6, 13
    • Mozilla’s DoNotTrack Sunday, October 6, 13
    • RiseUp HushMail ($$) Zoho ($$) BlueHost ($$) Thunderbird + Mozilla’s DoNotTrack option Email Sunday, October 6, 13
    • mail.RiseUp.net Sunday, October 6, 13
    • Thunderbird + DoNotTrack Sunday, October 6, 13
    • •Microsoft Office (Word, Powerpoint...) •Adobe (Photoshop, Illustrator...) Text files, photos, videos... Sunday, October 6, 13
    • Extensible Metadata Platform Microsoft Office Adobe XMP standard Sunday, October 6, 13
    • • Your name • Your initials • Your company or organization name • The name of your computer • The name of the network server or hard disk where yo • Other file properties and summary information • Non-visible portions of embedded OLE objects • The names of previous document authors • Document revisions • Document versions • Template information • Hidden text • Comments MS Word Sunday, October 6, 13
    • •Gimp •Formulate Pro •Open Office •.... Open Source Alternatives Sunday, October 6, 13
    • MS Word Sunday, October 6, 13
    • MS Word Sunday, October 6, 13
    • MS Word Sunday, October 6, 13
    • •Your name •What type of camera •GPS location photo taken •Photo date / time •Size, formate •linked files •fonts •properties •copyrights •edit history Photos Sunday, October 6, 13
    • Photos Sunday, October 6, 13
    • Adobe Bridge Sunday, October 6, 13
    • Adobe Bridge Adobe Bridge Sunday, October 6, 13
    • Startup Script Sunday, October 6, 13
    • MICROSOFT : http://support.microsoft.com/ default.aspx?scid=kb;EN-US;290945 ADOBE: http://help.adobe.com/en_US/acrobat/ X/pro/using/WS4E397D8A-B438-4b93BB5F-E3161811C9C0.w.html Minimize metadata Sunday, October 6, 13
    • Not searchable The downsides? Sunday, October 6, 13
    • Chat Services Sunday, October 6, 13
    • Adium.im Sunday, October 6, 13
    • Link your accounts Sunday, October 6, 13
    • OTR Messaging Sunday, October 6, 13
    • Toggle Encryption Sunday, October 6, 13
    • Accept Encryption Sunday, October 6, 13
    • Chat OTR Sunday, October 6, 13
    • G-Chat Log Sunday, October 6, 13
    • Gibberbot Sunday, October 6, 13
    • ChatSecure for iOS Sunday, October 6, 13
    • •crabgrass •status.net Twitter Sunday, October 6, 13
    • status.net Sunday, October 6, 13
    • crabgrass Sunday, October 6, 13
    • Adium plugin for SKYPE: http://www.adiumxtras.com/index.php? a=xtras&xtra_id=5011 ostel.co VoIP Sunday, October 6, 13
    • •Alternate browsers? •Getting rid of your metadata on documents? •Alternative social networks? •... The downsides? Sunday, October 6, 13
    • Why are these interfaces so shitty? Sunday, October 6, 13
    • Small alternative browsers or networks? vs. working around current ones (chrome, etc.) Sunday, October 6, 13
    • Why open source? Sunday, October 6, 13
    • Encrypt your MetaData Prism Breakup Eyebeam Gabriella Levine Gabriellalevine.com | gabriella.levine@gmail.com Sunday, October 6, 13
    • Immersion.media.mit.edu Sunday, October 6, 13
    • Sunday, October 6, 13
    • Sunday, October 6, 13
    • Sunday, October 6, 13
    • XMPP services Sunday, October 6, 13
    • Sunday, October 6, 13
    • XMPP.net Sunday, October 6, 13
    • register an XMPP chatserver Sunday, October 6, 13
    • Create New XMPP Sunday, October 6, 13
    • jabber.chaotic.de Sunday, October 6, 13
    • jabber.chaotic.de Sunday, October 6, 13
    • 1. Now I know how to use Adium to encrypt my chats, and I use chatserver or gibberbot for sending texts, and I use Rise Up for gmail, but what can I do because everyone uses gmail still? 2. All of these platforms are messy and hard to use can we come up with 3 solutions for better, more user friendly interface? Sunday, October 6, 13