Who can see what you are doing on the internet right now?

Yesterday’s cryptoparty was fascinating in so many ways. A two hour-ish session took us through online privacy issues, behaviours and tools.

Particularly useful was an interactive diagram from the Electronic Frontier Foundation, which campaigns for internet freedom, showing who can see what you are doing with your web browser – from a hacker sitting in the same coffee shop, to your ISP, the hosts of the website you are using and government agencies tapping into the internet backbone (as the NSA and GCHQ in the UK have been doing) or contacting the ISP or website for their records. 

Click on the image below to try it for yourself.

ZZ55706B45

 

I knew some of this previously, but this diagram is really helpful in clarifying the situation. You can see who see how of your online activity is blocked by using a secure plug in (the HTTPS Everywhere extension for Chrome and Firefox browsers will do this) or a super-secure browser like TOR (which encrypts and hides users’ location, identity and web use). Fro the most part, the former blocks people seeing who you are and your data, the latter almost everything except your location and the fact that you are using TOR.

On the last point, using TOR presents what my colleague Jason Ryan calls “the cryptographer’s dilemma”. While it means you have a huge amount of privacy online, it also holds up a metaphorical sign saying “I am doing secret things! Over here, mass surveillance agency – me! Me!”.

Recommendations for using TOR for people like activists or journalists who need to keep their online activity away from prying eyes include:

  • Don’t use it too often
  • Don’t use it at home
  • Don’t upload files on it
  • Don’t log in to your email

There are more in an exhaustive – and, frankly, exhausting – list called Want TOR to really work?.

Online privacy and mass surveillance are very complex issues, as are the solutions. I’m very grateful to Chris Pinchen and his cryptoparty friends for helping me to begin to think these issues and ideas through.

Against mass surveillance – what will you do today?

ZZ6D612BDC

Today is a day of action and protest against mass surveillance by our governments: The Day We Fight Back.

Aptly, the first thing in my Twitter stream when I opened my laptop this morning  was the inventor of the Web re-tweeting the Electronic Frontier Foundation’s message…

ZZ52E6FBD6

Things move quickly, our lives are busy. Today, though, take the opportunity of The Day We Fight Back to stop and ask – what kind of a world do you want to live in? What future do we want to choose? What kind of Web do we want to live with around us?

Then do one thing – or a few things – to mark your intent, to take small steps toward the future you want.

Here’s what I’m doing:

  • Adding my voice to the chorus of dissent –  by signing the EFF petition and adding their banner to my website.
  • Supporting those who are fighting for our online freedom every day – by  re-joining the Open Rights Group in the UK, that campaigns for internet freedom and making a donation.
  • Learning more about how to take control of my data and security personally – by attending a Cryptoparty this evening where people will be learning how to lock down their devices and manage their online data. I’m hoping to help hold more of these for friends, colleagues and clients in the future.

Spread the word. Tell others what today means and what you are doing to support it…