SlideShare a Scribd company logo

Securing Your Privacy

Download as PPTX, PDF
D
Dallas Web Security Group

Credera is a full-service management and technology consulting firm that provides expert, objective advice to help solve complex business and technology challenges for both Fortune 1000 companies and emerging industry leaders. It has offices located in Dallas, Houston, Austin, Denver, and other major cities throughout the United States.

Technology
1 of 20
Credera is a full-service management and technology consulting firm. Our clients range from Fortune 1,000 companies to emerging industry leaders. We provide expert, objective advice to help solve complex business and technology challenges. Dallas Office 15303 Dallas Parkway Suite 300 Addison, TX 75001 Houston Office 800 Town & Country Blvd Suite 300 Houston, TX 77024 Austin Office 9020 N Capital of Texas Hwy Suite 345 Austin, TX 78759 Denver Office 5445 DTC Parkway Suite 1040 Greenwood Village, CO 80111 972.692.0010 Phone 972.692.0019 Fax 713.496.0711 Phone 713.401.9650 Fax 512.327.1112 Phone 512.233.0844 Fax 303.623.1344 Phone 303.484.4577 Fax
Securing Your Privacy Dallas, TX July 9, 2013 Dallas Web Security Group Josh Hamit Discussion document – Strictly Confidential & Proprietary
Agenda … How can I preserve my privacy? Introductions Why Privacy Matters Strategies to Protect Privacy Ways to Execute Privacy Strategies Internet Browsing Mobile Usage Emails Data Storage Q&A Dallas Web Security Group 7/9/13 3
Introductions Dallas Web Security Group 7/9/13 4
Introductions… Dustin Talk and Josh Hamit (both not Anonymous) Josh Hamit Joshua Hamit is a Consultant in the Custom Java Development Practice at Credera. He earned his B.B.A in Management Information Systems from Baylor University. Joshua has several years experience designing and implementing technology solutions utilizing a broad range of technologies while adhering to industry best practices. While at Credera, he has lead the design and implementation of multiple single sign-on authentication systems, enterprise integrations, complex UI solutions, analytic tracking pixels, and mobile web applications. Past Presentations: Addressing Top Security Threats in Web Applications Addressing Cross-Cutting Concerns with AOP Functional Testing with Geb Stripe’s Capture The Flag #2 Dallas Web Security Group 7/9/13 5
Why Privacy Matters Dallas Web Security Group 7/9/13 6
Why Privacy Matters… Privacy does NOT equal secrecy. Nothing-to-hide argument - https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/ Bill of Rights 1 Freedom of Speech, Press, Religion and Petition 2 Right to keep and bear arms 4 Protections against search and seizure 5 Provisions concernng prosecution Businesses, wrongful imprisonment, hackers, foreign governments No fly list, no buy list (OFAC)- http://www.treasury.gov/ofac/downloads/sdnlist.txt Invoke 5th amendment - http://www.cato.org/blog/salinas-vtexas?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Cato-atliberty+%28Cato+at+Liberty%29 Examples - -http://www.zeit.de/datenschutz/malte-spitz-data-retention https://docs.google.com/spreadsheet/ccc?key=0An0YnoiCbFHGdGp3WnJkbE4xWTdDTVV0ZDlQeWZ mSXc&authkey=COCjw-kG&hl=en_GB&authkey=COCjw-kG#gid=0 Texas teen jailed over joke in FB comment http://www.theregister.co.uk/2013/07/08/texas_teen_jailed_for_facebook_comment/            Dallas Web Security Group 7/9/13 7
Strategies to Protect Privacy Dallas Web Security Group 7/9/13 8
Strategies to Protect Privacy… There's more than one way to protect your privacy. Don't get pigeon-holed into a solution. Encryption Misinformation Stenography Port-knocking Crowd-sourcing    Other Alternatives Dallas Web Security Group 7/9/13 9
Internet Browsing Dallas Web Security Group 7/9/13 10
Ways to Execute Privacy Strategies … Internet Browsing ... It's important to understand the different layers involved in browsing and useful tools to help manage them. Browser Tools AdBlock, Ghostery, Etc... Misinformation - http://adage.com/article/privacy-and-regulation/student-projectkill-digital-ad-targeting/242955/ Network Stack Proxies SSH Tunnels VPN Resources https://www.eff.org/pages/tor-and-https https://github.com/rossjones/alternative-internet Dallas Web Security Group 7/9/13 11
Emails Dallas Web Security Group 7/9/13 12
Ways to Execute Privacy Strategies … Emails ... Different techniques to secure your emails should be used depending on your requirements. Asymmetric Cryptography http://arstechnica.com/security/2013/06/encrypted-e-mail-how-muchannoyance-will-you-tolerate-to-keep-the-nsa-away Disposable Inboxes Remailers Type 1 - Pseudonymous - can be replied to - Cypherpunk - no address from Type 2 (mixmaster) - Fixed size packets and reorders them Type 3 (mixminion) - mix network - support SURBs (single use reply block) Dallas Web Security Group 7/9/13 13
Mobile Usage Dallas Web Security Group 7/9/13 14
Ways to Execute Privacy Strategies … Mobile Usage ... It's important to understand the different layers involved in browsing and useful tools to help manage them. Who's Listening? Businesses http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html?source=h n#Analysis1 Government http://online.wsj.com/article_email/SB1000142412788732387390457857189375 8853344-lMyQjAxMTAzMDAwODEwNDgyWj.html   Ways to prevent tracking Obtaining phone Obtaining service Operating Systems http://en.wikipedia.org/wiki/Comparison_of_mobile_operating_systems Calls, texts, data, applications - https://www.whispersystems.org/     Use technology to your advantage! https://play.google.com/store/search?q=call+recorder  Dallas Web Security Group 7/9/13 15
Cloud Storage Dallas Web Security Group 7/9/13 16
Ways to Execute Privacy Strategies … Mobile Usage ... It's important to understand the different layers involved in browsing and useful tools to help manage them. “Secure” Clouds Personal Swiss Data Bank http://www.washingtonpost.com/business/technology/after-prism-reports-swissdata-bank-sees-boost/2013/07/08/cc8dfe14-e569-11e2-aef3339619eab080_story.html Personal Clouds Cozycloud - https://demo.cozycloud.cc/#home Own Cloud - https://owncloud.org/ Test the services you use (even if you're not a “hacker”) https://cloudsweeper.cs.uic.edu/ Dallas Web Security Group 7/9/13 17
Conclusion Dallas Web Security Group 7/9/13 18
Conclusion … Develop your own privacy strategy and execute it. “You can't buy security” - Frank Herbert https://www.eff.org https://prism-break.org Dallas Web Security Group 7/9/13 19
Q&A Dallas Web Security Group 7/9/13 20

Recommended

Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13
Dallas Web Security Group
 
How to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in InvestigationsHow to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
M privacy for collaborative data publishing
M privacy for collaborative data publishingM privacy for collaborative data publishing
M privacy for collaborative data publishing
LeMeniz Infotech
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016
Gohsuke Takama
 
OSINT Social Media Techniques - Macau social mediat lc
OSINT Social Media Techniques - Macau social mediat lc OSINT Social Media Techniques - Macau social mediat lc
OSINT Social Media Techniques - Macau social mediat lc
Cyber Threat Intelligence Network
 
Osint - Dark side of Internet
Osint - Dark side of InternetOsint - Dark side of Internet
Osint - Dark side of Internet
Raghav Bisht
 
Lee Cheramie RSME2015
Lee Cheramie RSME2015Lee Cheramie RSME2015
Lee Cheramie RSME2015Lee Cheramie
 
SHIRLEY M leagel
SHIRLEY M leagelSHIRLEY M leagel
SHIRLEY M leagelShirley bell
 

Recommended

Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13Correcthorsebatterystaple dwsg 07 09-13
Correcthorsebatterystaple dwsg 07 09-13
Dallas Web Security Group
 
How to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in InvestigationsHow to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
M privacy for collaborative data publishing
M privacy for collaborative data publishingM privacy for collaborative data publishing
M privacy for collaborative data publishing
LeMeniz Infotech
 
Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016Hackers and Hacking a brief overview 5-26-2016
Hackers and Hacking a brief overview 5-26-2016
Gohsuke Takama
 
OSINT Social Media Techniques - Macau social mediat lc
OSINT Social Media Techniques - Macau social mediat lc OSINT Social Media Techniques - Macau social mediat lc
OSINT Social Media Techniques - Macau social mediat lc
Cyber Threat Intelligence Network
 
Osint - Dark side of Internet
Osint - Dark side of InternetOsint - Dark side of Internet
Osint - Dark side of Internet
Raghav Bisht
 
Lee Cheramie RSME2015
Lee Cheramie RSME2015Lee Cheramie RSME2015
Lee Cheramie RSME2015Lee Cheramie
 
SHIRLEY M leagel
SHIRLEY M leagelSHIRLEY M leagel
SHIRLEY M leagelShirley bell
 
Jeff Gresso resume_120116
Jeff Gresso resume_120116Jeff Gresso resume_120116
Jeff Gresso resume_120116Jeff Gresso
 
Mbusey.doc
Mbusey.docMbusey.doc
Mbusey.doc
Michelle Busey
 
Michelle Fitzgerald Resume
Michelle Fitzgerald ResumeMichelle Fitzgerald Resume
Michelle Fitzgerald Resume
MichelleFitz
 
K.Hutchins Resume
K.Hutchins ResumeK.Hutchins Resume
K.Hutchins ResumeKendall Hutchins
 
Hunter Bell Resume
Hunter Bell ResumeHunter Bell Resume
Hunter Bell ResumeHunter Bell
 
RodneyGriggs_detail
RodneyGriggs_detailRodneyGriggs_detail
RodneyGriggs_detailRodney Griggs
 
Mike Haller - Professional Resume
Mike Haller - Professional ResumeMike Haller - Professional Resume
Mike Haller - Professional ResumeMichael Haller
 
Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!
Edge Pereira
 
Data goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copyData goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copy
Sandra (Sandy) Dunn
 
Top ten big data security and privacy challenges
Top ten big data security and privacy challengesTop ten big data security and privacy challenges
Top ten big data security and privacy challenges
Bee_Ware
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
BigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at BrighttalkBigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at Brighttalk
Ulf Mattsson
 
Safe use of cloud - alternative cloud
Safe use of cloud - alternative cloudSafe use of cloud - alternative cloud
Safe use of cloud - alternative cloud
Tomppa Järvinen
 
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Ted Myerson
 
Five_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsFive_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsLaris Orman
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata PrivacyTwo-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
dbpublications
 
Energy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False PositivesEnergy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False Positives
Digital Shadows
 
Office 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool AgainOffice 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool Again
Edge Pereira
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Ulf Mattsson
 
Struggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to SuccessStruggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to Success
Utah Tech Labs
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 

More Related Content

Viewers also liked

Jeff Gresso resume_120116
Jeff Gresso resume_120116Jeff Gresso resume_120116
Jeff Gresso resume_120116Jeff Gresso
 
Mbusey.doc
Mbusey.docMbusey.doc
Mbusey.doc
Michelle Busey
 
Michelle Fitzgerald Resume
Michelle Fitzgerald ResumeMichelle Fitzgerald Resume
Michelle Fitzgerald Resume
MichelleFitz
 
Hunter Bell Resume
Hunter Bell ResumeHunter Bell Resume
Hunter Bell ResumeHunter Bell
 
Mike Haller - Professional Resume
Mike Haller - Professional ResumeMike Haller - Professional Resume
Mike Haller - Professional ResumeMichael Haller
 

Viewers also liked (7)

Jeff Gresso resume_120116
Jeff Gresso resume_120116Jeff Gresso resume_120116
Jeff Gresso resume_120116
 
Mbusey.doc
Mbusey.docMbusey.doc
Mbusey.doc
 
Michelle Fitzgerald Resume
Michelle Fitzgerald ResumeMichelle Fitzgerald Resume
Michelle Fitzgerald Resume
 
K.Hutchins Resume
K.Hutchins ResumeK.Hutchins Resume
K.Hutchins Resume
 
Hunter Bell Resume
Hunter Bell ResumeHunter Bell Resume
Hunter Bell Resume
 
RodneyGriggs_detail
RodneyGriggs_detailRodneyGriggs_detail
RodneyGriggs_detail
 
Mike Haller - Professional Resume
Mike Haller - Professional ResumeMike Haller - Professional Resume
Mike Haller - Professional Resume
 

Similar to Securing Your Privacy

Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!
Edge Pereira
 
Data goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copyData goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copy
Sandra (Sandy) Dunn
 
Top ten big data security and privacy challenges
Top ten big data security and privacy challengesTop ten big data security and privacy challenges
Top ten big data security and privacy challenges
Bee_Ware
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
 
BigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at BrighttalkBigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at Brighttalk
Ulf Mattsson
 
Safe use of cloud - alternative cloud
Safe use of cloud - alternative cloudSafe use of cloud - alternative cloud
Safe use of cloud - alternative cloud
Tomppa Järvinen
 
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Ted Myerson
 
Five_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsFive_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsLaris Orman
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata PrivacyTwo-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
dbpublications
 
Energy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False PositivesEnergy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False Positives
Digital Shadows
 
Office 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool AgainOffice 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool Again
Edge Pereira
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Ulf Mattsson
 
Struggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to SuccessStruggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to Success
Utah Tech Labs
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
Puneet Kukreja
 
Big Data and Fast Data – Big and Fast Combined, is it Possible?
Big Data and Fast Data – Big and Fast Combined, is it Possible?Big Data and Fast Data – Big and Fast Combined, is it Possible?
Big Data and Fast Data – Big and Fast Combined, is it Possible?Guido Schmutz
 
Digital Shadows and Demisto Enterprise Integration Datasheet
Digital Shadows and Demisto Enterprise Integration DatasheetDigital Shadows and Demisto Enterprise Integration Datasheet
Digital Shadows and Demisto Enterprise Integration Datasheet
Digital Shadows
 
Data protection in Practice
Data protection in PracticeData protection in Practice
Data protection in Practice
Tomppa Järvinen
 
Secure channels inc. basic rules for data protection compliance
Secure channels inc. basic rules for data protection complianceSecure channels inc. basic rules for data protection compliance
Secure channels inc. basic rules for data protection compliance
Secure Channels Inc.
 
Data Security Whitepaper
Data Security WhitepaperData Security Whitepaper
Data Security Whitepaper
Sample Solutions
 

Similar to Securing Your Privacy (20)

Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!Office 365 DLP Makes Data Protection Cool Again!
Office 365 DLP Makes Data Protection Cool Again!
 
Data goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copyData goverance two_8.2.18 - copy
Data goverance two_8.2.18 - copy
 
Top ten big data security and privacy challenges
Top ten big data security and privacy challengesTop ten big data security and privacy challenges
Top ten big data security and privacy challenges
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
BigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at BrighttalkBigData and Privacy webinar at Brighttalk
BigData and Privacy webinar at Brighttalk
 
Safe use of cloud - alternative cloud
Safe use of cloud - alternative cloudSafe use of cloud - alternative cloud
Safe use of cloud - alternative cloud
 
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
Anonos NIST Comment Letter – De–Identification Of Personally Identifiable Inf...
 
Five_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsFive_Big_Data_Security_Pitfalls
Five_Big_Data_Security_Pitfalls
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 Assignment
 
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata PrivacyTwo-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
Two-Phase TDS Approach for Data Anonymization To Preserving Bigdata Privacy
 
Energy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False PositivesEnergy and Utilities Firm Increases Productivity by Reducing False Positives
Energy and Utilities Firm Increases Productivity by Reducing False Positives
 
Office 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool AgainOffice 365 Makes Data Protection Cool Again
Office 365 Makes Data Protection Cool Again
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
 
Struggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to SuccessStruggling with Data Science in 2023? Challenges and Roadmap to Success
Struggling with Data Science in 2023? Challenges and Roadmap to Success
 
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data AssetsFS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
FS-ISAC APAC Summit 2017 Singapore - Of Crown Jewels and Data Assets
 
Big Data and Fast Data – Big and Fast Combined, is it Possible?
Big Data and Fast Data – Big and Fast Combined, is it Possible?Big Data and Fast Data – Big and Fast Combined, is it Possible?
Big Data and Fast Data – Big and Fast Combined, is it Possible?
 
Digital Shadows and Demisto Enterprise Integration Datasheet
Digital Shadows and Demisto Enterprise Integration DatasheetDigital Shadows and Demisto Enterprise Integration Datasheet
Digital Shadows and Demisto Enterprise Integration Datasheet
 
Data protection in Practice
Data protection in PracticeData protection in Practice
Data protection in Practice
 
Secure channels inc. basic rules for data protection compliance
Secure channels inc. basic rules for data protection complianceSecure channels inc. basic rules for data protection compliance
Secure channels inc. basic rules for data protection compliance
 
Data Security Whitepaper
Data Security WhitepaperData Security Whitepaper
Data Security Whitepaper
 

Recently uploaded

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 

Recently uploaded (20)

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 

Securing Your Privacy

  • 1. Credera is a full-service management and technology consulting firm. Our clients range from Fortune 1,000 companies to emerging industry leaders. We provide expert, objective advice to help solve complex business and technology challenges. Dallas Office 15303 Dallas Parkway Suite 300 Addison, TX 75001 Houston Office 800 Town & Country Blvd Suite 300 Houston, TX 77024 Austin Office 9020 N Capital of Texas Hwy Suite 345 Austin, TX 78759 Denver Office 5445 DTC Parkway Suite 1040 Greenwood Village, CO 80111 972.692.0010 Phone 972.692.0019 Fax 713.496.0711 Phone 713.401.9650 Fax 512.327.1112 Phone 512.233.0844 Fax 303.623.1344 Phone 303.484.4577 Fax
  • 2. Securing Your Privacy Dallas, TX July 9, 2013 Dallas Web Security Group Josh Hamit Discussion document – Strictly Confidential & Proprietary
  • 3. Agenda … How can I preserve my privacy? Introductions Why Privacy Matters Strategies to Protect Privacy Ways to Execute Privacy Strategies Internet Browsing Mobile Usage Emails Data Storage Q&A Dallas Web Security Group 7/9/13 3
  • 5. Introductions… Dustin Talk and Josh Hamit (both not Anonymous) Josh Hamit Joshua Hamit is a Consultant in the Custom Java Development Practice at Credera. He earned his B.B.A in Management Information Systems from Baylor University. Joshua has several years experience designing and implementing technology solutions utilizing a broad range of technologies while adhering to industry best practices. While at Credera, he has lead the design and implementation of multiple single sign-on authentication systems, enterprise integrations, complex UI solutions, analytic tracking pixels, and mobile web applications. Past Presentations: Addressing Top Security Threats in Web Applications Addressing Cross-Cutting Concerns with AOP Functional Testing with Geb Stripe’s Capture The Flag #2 Dallas Web Security Group 7/9/13 5
  • 6. Why Privacy Matters Dallas Web Security Group 7/9/13 6
  • 7. Why Privacy Matters… Privacy does NOT equal secrecy. Nothing-to-hide argument - https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/ Bill of Rights 1 Freedom of Speech, Press, Religion and Petition 2 Right to keep and bear arms 4 Protections against search and seizure 5 Provisions concernng prosecution Businesses, wrongful imprisonment, hackers, foreign governments No fly list, no buy list (OFAC)- http://www.treasury.gov/ofac/downloads/sdnlist.txt Invoke 5th amendment - http://www.cato.org/blog/salinas-vtexas?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Cato-atliberty+%28Cato+at+Liberty%29 Examples - -http://www.zeit.de/datenschutz/malte-spitz-data-retention https://docs.google.com/spreadsheet/ccc?key=0An0YnoiCbFHGdGp3WnJkbE4xWTdDTVV0ZDlQeWZ mSXc&authkey=COCjw-kG&hl=en_GB&authkey=COCjw-kG#gid=0 Texas teen jailed over joke in FB comment http://www.theregister.co.uk/2013/07/08/texas_teen_jailed_for_facebook_comment/            Dallas Web Security Group 7/9/13 7
  • 8. Strategies to Protect Privacy Dallas Web Security Group 7/9/13 8
  • 9. Strategies to Protect Privacy… There's more than one way to protect your privacy. Don't get pigeon-holed into a solution. Encryption Misinformation Stenography Port-knocking Crowd-sourcing    Other Alternatives Dallas Web Security Group 7/9/13 9
  • 10. Internet Browsing Dallas Web Security Group 7/9/13 10
  • 11. Ways to Execute Privacy Strategies … Internet Browsing ... It's important to understand the different layers involved in browsing and useful tools to help manage them. Browser Tools AdBlock, Ghostery, Etc... Misinformation - http://adage.com/article/privacy-and-regulation/student-projectkill-digital-ad-targeting/242955/ Network Stack Proxies SSH Tunnels VPN Resources https://www.eff.org/pages/tor-and-https https://github.com/rossjones/alternative-internet Dallas Web Security Group 7/9/13 11
  • 12. Emails Dallas Web Security Group 7/9/13 12
  • 13. Ways to Execute Privacy Strategies … Emails ... Different techniques to secure your emails should be used depending on your requirements. Asymmetric Cryptography http://arstechnica.com/security/2013/06/encrypted-e-mail-how-muchannoyance-will-you-tolerate-to-keep-the-nsa-away Disposable Inboxes Remailers Type 1 - Pseudonymous - can be replied to - Cypherpunk - no address from Type 2 (mixmaster) - Fixed size packets and reorders them Type 3 (mixminion) - mix network - support SURBs (single use reply block) Dallas Web Security Group 7/9/13 13
  • 14. Mobile Usage Dallas Web Security Group 7/9/13 14
  • 15. Ways to Execute Privacy Strategies … Mobile Usage ... It's important to understand the different layers involved in browsing and useful tools to help manage them. Who's Listening? Businesses http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html?source=h n#Analysis1 Government http://online.wsj.com/article_email/SB1000142412788732387390457857189375 8853344-lMyQjAxMTAzMDAwODEwNDgyWj.html   Ways to prevent tracking Obtaining phone Obtaining service Operating Systems http://en.wikipedia.org/wiki/Comparison_of_mobile_operating_systems Calls, texts, data, applications - https://www.whispersystems.org/     Use technology to your advantage! https://play.google.com/store/search?q=call+recorder  Dallas Web Security Group 7/9/13 15
  • 16. Cloud Storage Dallas Web Security Group 7/9/13 16
  • 17. Ways to Execute Privacy Strategies … Mobile Usage ... It's important to understand the different layers involved in browsing and useful tools to help manage them. “Secure” Clouds Personal Swiss Data Bank http://www.washingtonpost.com/business/technology/after-prism-reports-swissdata-bank-sees-boost/2013/07/08/cc8dfe14-e569-11e2-aef3339619eab080_story.html Personal Clouds Cozycloud - https://demo.cozycloud.cc/#home Own Cloud - https://owncloud.org/ Test the services you use (even if you're not a “hacker”) https://cloudsweeper.cs.uic.edu/ Dallas Web Security Group 7/9/13 17
  • 19. Conclusion … Develop your own privacy strategy and execute it. “You can't buy security” - Frank Herbert https://www.eff.org https://prism-break.org Dallas Web Security Group 7/9/13 19
  • 20. Q&A Dallas Web Security Group 7/9/13 20