Tagged: TOR

Crypto-consumers

The fact that Ad Blocker and similar plug-ins have long been top of the charts for browser extensions gave us a clue to what people like online: an absence of advertising.

What then, to make of the Red Onion Tor Browser - a web browser that makes it hard for digital eavesdroppers to see what you are doing online – being number 11 in the iOS App Store paid chart?

IMG_8847.PNG

Probably that people don’t like being spied on by Big Brother’n’Big Brands. Another signal – along with things like the Cryptoparty movement that increasing numbers of people are looking at how to take personal privacy more seriously. Here’s some excerpts from a piece I wrote a couple of months ago for the IAB Future Trends report on The Future of Data (and also blogged about at Brilliant Noise):

Ain’t no party like a cryptoparty

Last month I saw a warning from the near future for brands. I was at something called a Cryptoparty, one of hundreds happening every month around the world where activists teach ordinary people how to lock down their personal data online and avoid the perceived twin evils of Big Brother and big brands.

A nice man called Chris quickly taught me how to encrypt my email, web browsing and instant messaging. In 2008 the founder of Facebook predicted that the amount of information people shared online would double every year. Zuckerberg’s Law as it was inevitably named, was part of the spirit of openness and increasing transparency that had been sweeping through the web and our personal lives since the first glimmerings of social media as mass media took hold in the early Noughties.

That wave may now be breaking with some violence on the rocks of the Snowden revelations of mass surveillance by the US and its allies, along with the clumsy efforts of governments and corporations to take advantage of the big data bonanza to peer into the lives of citizens and consumers.

Marketers have been lazy and clumsy in their use of customer data to date. Even floating the idea for this article met with indifference and denial from my peers – consumers couldn’t give a fig about privacy, is the gist of some individuals’ feelings on the matter.

Things move fast on the web, however, and soon enough Martin Sorrell was telling Ad Week Europe that the Snowden scandal was going to hit brands harder than they thought and that “people are underestimating its significance among consumers.”

At the Cryptoparty, I learned that there are a mass of apps and services you can use securely, but as soon as I try them a big downside becomes clear. They are slow, clunky and lack the features of free services like those from Google, Microsoft and Apple, for instance.

I point this out to Chris. “People think my machine is broken when try it,” he admits cheerfully, “But it’s just very secure.”[...]

Last word to Sir Martin: “We want to be more respectful of privacy and also want to monetise our audiences our way. Being more focused on privacy is not bad for business, it can be good.”

We may not reach a stage where everyone cares about online privacy enough to download a Tor browser or a VPN like Cloak to their smartphone, but the number of people who do is likely to grow, even become a significant minority.

Who can see what you are doing on the internet right now?

Yesterday’s cryptoparty was fascinating in so many ways. A two hour-ish session took us through online privacy issues, behaviours and tools.

Particularly useful was an interactive diagram from the Electronic Frontier Foundation, which campaigns for internet freedom, showing who can see what you are doing with your web browser – from a hacker sitting in the same coffee shop, to your ISP, the hosts of the website you are using and government agencies tapping into the internet backbone (as the NSA and GCHQ in the UK have been doing) or contacting the ISP or website for their records. 

Click on the image below to try it for yourself.

ZZ55706B45

 

I knew some of this previously, but this diagram is really helpful in clarifying the situation. You can see who see how of your online activity is blocked by using a secure plug in (the HTTPS Everywhere extension for Chrome and Firefox browsers will do this) or a super-secure browser like TOR (which encrypts and hides users’ location, identity and web use). Fro the most part, the former blocks people seeing who you are and your data, the latter almost everything except your location and the fact that you are using TOR.

On the last point, using TOR presents what my colleague Jason Ryan calls “the cryptographer’s dilemma”. While it means you have a huge amount of privacy online, it also holds up a metaphorical sign saying “I am doing secret things! Over here, mass surveillance agency – me! Me!”.

Recommendations for using TOR for people like activists or journalists who need to keep their online activity away from prying eyes include:

  • Don’t use it too often
  • Don’t use it at home
  • Don’t upload files on it
  • Don’t log in to your email

There are more in an exhaustive – and, frankly, exhausting – list called Want TOR to really work?.

Online privacy and mass surveillance are very complex issues, as are the solutions. I’m very grateful to Chris Pinchen and his cryptoparty friends for helping me to begin to think these issues and ideas through.