mikegerwitz
/
sapsf
1
0
Fork 0
Code Releases Activity

slides.org (The Web): Initial note breakout

master
Mike Gerwitz 2017-03-06 23:57:38 -05:00
parent d901e6546e
commit 4f1487211b
1 changed files with 127 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
slides.org
View File

@ -42,7 +42,7 @@
| **** Free/Libre Mobile OS? | | DRAFT | |
| **** Modem | | DRAFT | |
|-----------------------------------------------+----------+---------+---------------|
| ** Stationary [0/5] | | RAW | |
| ** Stationary [0/5] | | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1] | | DRAFT | ignoreheading |
| **** Introduction | 00:00:30 | DRAFT | fullframe |
@ -65,29 +65,33 @@
| **** ALPRs | 00:01 | LACKING | |
| **** Car Itself | 00:00:30 | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| ** The Web [0/6] | | RAW | |
| ** The Web [0/6] | | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1] | | RAW | ignoreheading |
| **** Introduction | | RAW | fullframe |
| *** Introduction [0/1] | | DRAFT | ignoreheading |
| **** Introduction | | DRAFT | fullframe |
|-----------------------------------------------+----------+---------+---------------|
| *** Bridging the Gap [0/1] | | RAW | |
| **** Ultrasound Tracking | 00:01 | RAW | |
| *** Bridging the Gap [0/1] | | LACKING | |
| **** Ultrasound Tracking | 00:01 | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| *** Incentive to Betray [0/1] | | RAW | |
| **** Summary | 00:00:30 | RAW | fullframe |
| *** Incentive to Betray [0/1] | | DRAFT | |
| **** Summary | 00:00:30 | DRAFT | fullframe |
|-----------------------------------------------+----------+---------+---------------|
| *** Analytics [0/2] | | RAW | |
| **** Trackers | 00:01 | RAW | |
| **** Like Buttons | 00:01 | RAW | |
| *** Analytics [0/2] | | LACKING | |
| **** Trackers | 00:01 | LACKING | |
| **** Like Buttons | 00:01 | DRAFT | |
|-----------------------------------------------+----------+---------+---------------|
| *** Fingerprinting [0/2] | | RAW | |
| **** Summary | 00:03 | RAW | fullframe |
| **** Browser Addons | 00:01 | RAW | |
| *** Fingerprinting [0/3] | | LACKING | |
| **** Summary | | DRAFT | |
| **** Alarmingly Effective | 00:03 | LACKING | fullframe |
| **** Browser Addons | 00:01 | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| *** Anonymity [0/3] | | RAW | |
| **** Summary | 00:01 | RAW | fullframe |
| **** The Tor Network | 00:01 | RAW | |
| **** TorBrowser, Tails, and Whonix | 00:02 | RAW | |
| *** Anonymity [0/4] | | LACKING | |
| **** Summary | 00:01 | LACKING | fullframe |
| ***** TODO Anonymity | | | |
| ***** TODO Pseudonymity | | | |
| **** IANAAE | | DRAFT | fullframe |
| **** The Tor Network | 00:01 | LACKING | |
| **** TorBrowser, Tails, and Whonix | 00:02 | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
| ** Data Analytics [0/2] | | LACKING | |
|-----------------------------------------------+----------+---------+---------------|
@ -701,25 +705,37 @@ Maybe your car itself is a tracking device (e.g. OnStar).
#+END_COMMENT
** RAW The Web [0/6]
*** RAW Introduction [0/1] :B_ignoreheading:
** LACKING The Web [0/6]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** RAW Introduction :B_fullframe:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
- Much of our lives are no longer in the flesh
- Or have some non-fleshy (virtual) analog
#+BEGIN_COMMENT
But you're not just tracked in the flesh.
Much of what we do today is virtual.
What better way to segue than to bridge the two?
#+END_COMMENT
*** RAW Bridging the Gap [0/1]
**** RAW Ultrasound Tracking
*** LACKING Bridging the Gap [0/1]
**** LACKING Ultrasound Tracking
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> How do you bridge that analog?
- <2-> Particularly insidious example: ultrasound tracking
- <2-> Correlates users across devices
#+BEGIN_COMMENT
A challenge for advertisers is correlating users across multiple devices,
and in the real world.
@ -735,14 +751,21 @@ Others play inaudible sounds that are picked up by your mobile device or
computer.
<...>
#+END_COMMENT
*** RAW Incentive to Betray [0/1]
**** RAW Summary :B_fullframe:
*** DRAFT Incentive to Betray [0/1]
**** DRAFT Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
There is strong incentive to betray
#+END_CENTER
#+BEGIN_COMMENT
So how does tracking happen?
How does this tracking code _get_ on so much of the web?
@ -751,13 +774,20 @@ Incentives to betray users.
Many websites make money through advertising.
It can be lucrative.
And it's _easy_ to do.
#+END_COMMENT
*** RAW Analytics [0/2]
**** RAW Trackers
*** LACKING Analytics [0/2]
**** LACKING Trackers
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Website owners want to know what their visitors are doing
- <1-> That in itself isn't an unreasonable concept
- <2-> Methods and data define the issue
#+BEGIN_COMMENT
Site analytics is another issue.
Website owners want to know what their visitors are doing.
That in itself isn't an unreasonable thing broadly speaking,
@ -777,12 +807,19 @@ All of this can be used to identify users across the entire web.
If you must track your users, consider using Piwik, which you can host
yourself.
#+END_COMMENT
**** RAW Like Buttons
**** DRAFT Like Buttons
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Services encourage use of "like" buttons and such
- <1-> Infecting the web with trackers under the guise of community
- <2-> **Use Privacy Badger**
#+BEGIN_COMMENT
Another popular example are "like buttons" and similar little widgets that
websites like Facebook offer.
If a user is logged into Facebook,
@ -794,17 +831,31 @@ But even if you don't have a Facebook account,
you are still being tracked.
Addons like Privacy Badger will block these.
#+END_COMMENT
*** RAW Fingerprinting [0/2]
**** RAW Summary :B_fullframe:
*** LACKING Fingerprinting [0/3]
**** DRAFT Summary :B_fullframe:
#+BEGIN_CENTER
Browser Fingerprinting
#+END_CENTER
#+BEGIN_COMMENT
These methods are part of a broader topic called "browser fingerprinting".
It's just what it sounds like:
uniquely identify users online.
#+END_COMMENT
**** LACKING Alarmingly Effective
:PROPERTIES:
:DURATION: 00:03
:BEAMER_env: fullframe
:END:
These methods are part of a broader topic called "browser fingerprinting".
It's just what it sounds like:
uniquely identify users online.
- TODO
#+BEGIN_COMMENT
It's alarmingly effective.
<<general fingerprinting stuff>>
@ -814,25 +865,33 @@ Some methods allow fingerprinting even if the user uses multiple browsers
and takes care to clear all session data.
They can do this by effectively breaking out of the browser's sandbox by
doing operations that depend heavily on specifics of users' hardware.
#+END_COMMENT
**** RAW Browser Addons
**** LACKING Browser Addons
:PROPERTIES:
:DURATION: 00:01
:END:
- TODO
#+BEGIN_COMMENT
(Merge into other sections?)
So how do we avoid this type of tracking?
<<Talk about browser addons>>.
#+END_COMMENT
*** RAW Anonymity [0/3]
**** RAW Summary :B_fullframe:
*** LACKING Anonymity [0/4]
**** LACKING Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:01
:BEAMER_env: fullframe
:END:
#+BEGIN_COMMENT
Another way is to be anonymous or pseudononymous.
In the latter case,
you assume a pseudoynm online and perform only activities that should be
@ -840,19 +899,43 @@ In the latter case,
In the former case,
there should be no way to ever correlate past or future actions with your
current session.
#+END_COMMENT
***** TODO Anonymity
Foo
***** TODO Pseudonymity
Bar
**** DRAFT IANAAE :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
IANAAE (I Am Not An Anonymity Expert)
#+END_CENTER
#+BEGIN_COMMENT
This is a difficult topic that's pretty dangerous to give advice on if you
have strong need for anonymity---for example, if you are a dissident or
whistleblower.
If your life depends on anonymity,
please do your own research.
I provide a number of resources to get you started.
#+END_COMMENT
**** RAW The Tor Network
**** LACKING The Tor Network
:PROPERTIES:
:DURATION: 00:01
:END:
- The Onion Router (Tor)
- ...
#+BEGIN_COMMENT
Most here have probably heard of Tor.
"Tor" stands for "The Onion Router",
which describes how it relays data through the Tor network.
@ -873,12 +956,17 @@ It's also possible to resolve DNS requests through Tor.
There are lots of other details that I don't have time to get to here,
but I provide a number of resources for you.
#+END_COMMENT
**** RAW TorBrowser, Tails, and Whonix
**** LACKING TorBrowser, Tails, and Whonix
:PROPERTIES:
:DURATION: 00:02
:END:
- TODO
#+BEGIN_COMMENT
Tor alone isn't enough to secure your anonymity.
It's hard to secure a web browser.
@ -891,6 +979,7 @@ The Tor browser recommends that you don't rely on a vanilla Firefox for
Tails...
Whonix...
#+END_COMMENT
** LACKING Data Analytics [0/2]