The session was proposed and initiated by Nathan Freitas and focuses on four general areas -- security, privacy, anonymity, and technology.
Anonymity Needs
* Dataset anonymity at collection point -- by indirection?
* Anonymous redialer -- Google Voice, OpenBox.com possible tools
* Short messages are easier to anonymize
* TOR on the Android phone (see http://openideals.com/2009/10/22/orbot-proxy/)
-- Avoids man-in-the-middle attack
-- Also used by law enforcement
* Make anonymity and anti censorhip the everyday habits
* All phones support VPN now -- why shouldn't we all use it?
* Proper government regulation is necessary to
* Spoofing: packets look innocent and don't draw attention.
- HayStack mentioned as stegonagraphy tool
Privacy+Security Needs
* Dialer on Android is open source so can program to not log (select) calls.
* See Shadow -- browser that doesn't log.
* Documentary film -- subjects at more risk with new media exposure.
* Citizen journalism -- Ushahidi, frontline SMS, Alive Iran, SMS reports, voice calls.
-> Reporting exposes you. Problem with crowdsourcing as well.
* Education/guidelines about security, paranoia
* Encrypting draws attention -- sometimes better to be clear
* World Institute for Mobile Privacy (WIMP)
* Mobile Active has a mobile security guide (http://mobileactive.org/howtos/mobile-surveillance-primer)
* Using secure gmail
-- Reports in Burma that man in the middle attacks are launched. The Internet Service Provider gives you a fake SSL cert, so you think you are secure, but you are not.
* A "HELP I'M CAPTURED' beacon
-- Involves 911/GPS alert/Wipe of Device
* Possible worries
-- Tracking in repressive countries
-- Matching by computers.
-- Traffic analysis
* Possible use: Mediation and Negotion
-- requires confidentiality as migrating from web to mobile technology
Tools/Technology for Supporting Security
Name |
Platform |
Privacy (network), Encryption (device), Anonymity |
CryptoSMS |
J2ME |
P, E |
Crypto apps |
Android |
P, E |
Remote Wipe |
Android |
P |
Orbot (TOR) |
Android |
P, E, A |
Shadow (Browser) |
Android |
P (doesn't log) |
OpenVPN |
Smartphones |
P, E |
PPPT |
|
|
Guardian |
Android |
P, E, A |
SIPdroid |
Android |
P, E, voice |
Skype |
iPhone, Windows Mobile |
P voice
|
XMPP Android (can be secured)
OTR (off the record) messaging
Comments (0)
You don't have permission to comment on this page.