Jose Aguinaga
Web Engineer. UX & Interactions Designer. Full-Stack Javascript Developer.
A presentation by José Aguinaga
Use this content at your own risk; the author can't be held liable or accountable for the information.
The disgruntled lover
😱
👻
The big brother
The unrequested loan
😂😂😂
Unaware and without any control
We are sharing information without being aware it’s happening, and we cannot do anything about it.
Aware but without control, or very little
We know we are sharing information, but we can't do anything to stop it.
Control, but without awareness
We are unaware that we are sharing information, but we are given control to stop doing so.
Awareness and control
We know what we are sharing, and we can control whether we keep sharing it or not.
Anyone can see this information
Your first name, physical appearance, general location, perceived gender.
Trusted parties have access to this information
Personal phone, home address, personal documents, age, economic situation, family.
Only individuals bound by law
Bank account details, behavioural patterns, economic investments, social security information.
“If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place”
Eric Schmidt, Google Chairman, CNBC interview, 2009
“Privacy is no longer a ‘social norm’”
Mark Zuckerberg, Facebook CEO, Crunch Awards Interview 2010
“You already have zero privacy. Get over it”
Scott G. McNealy, CEO of Sun Microsystems Inc, 1999
“No Place to Hide”, a book about Edward Snowden's findings while working for the NSA, describes the depth of the PRISM program to harvest and interpret people's information through multiple web services.
“Mass surveillance creates a prison in the mind”
Glenn Greenwald, “Why privacy matters” TED Global.
NSA Files Decoded
http://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded
Leaving your computer unlocked while you are away from your workstation makes it prone to privacy attacks.
The same goes for your phone. Notifications should not be shown on the lock screen.
Personal Recommendation: Hot corners + Screen saver
...as well as your screen. Privacy shades on your display stop strangers from snooping on confidential information. A camera cover stops potential hackers from taking over more than just the digital information located on the device.
Personal Recommendation: None
Use a separate user for your everyday activities, and a super admin user for privileged actions on your computer. Were the everyday user to be compromised, the malware's access would be limited.
Personal Recommendation: OS setup.
Flash is no longer required for sites like YouTube. For years, it has been the entry point for multiple vulnerabilities while browsing webpages.
Personal Recommendation: HTML5 Video
Unless you really enjoy their flawless synchronization across all their products, using a more privacy-aware provider is a better option.
Personal Recommendation: Proton Mail (Free), Kolab Now ($)
Either use a password manager or your own solution (ideally offline and local), or set up a tabula recta for generating site-specific passwords.
Passwords: Long, unique, memorable.
Personal Recommendation: Tabula recta
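A sketch of the tabula recta approach recommended above, added here as an illustration and not part of the original presentation. It generates a random 26x26 grid to print and keep offline, then reads a site password from it; the reading rule (first letter of the site picks the column, second letter the row, read diagonally with wrap-around), the cell alphabet and all function names are assumptions of this example.

```python
import secrets
import string

HEADERS = string.ascii_uppercase  # row and column labels A-Z
# Cell alphabet (assumption): characters most password fields accept.
CELL_CHARS = string.ascii_letters + string.digits + "!#$%&*+-=?@"


def generate_grid():
    """Build a 26x26 grid of characters drawn from the OS CSPRNG."""
    return [[secrets.choice(CELL_CHARS) for _ in HEADERS] for _ in HEADERS]


def site_start(site):
    """Return (row, col): first letter picks the column, second the row."""
    letters = [c for c in site.upper() if c in HEADERS]
    if len(letters) < 2:
        raise ValueError("site name needs at least two letters A-Z")
    return HEADERS.index(letters[1]), HEADERS.index(letters[0])


def read_password(grid, site, length=16):
    """Read `length` cells diagonally (down-right), wrapping at the edges."""
    row, col = site_start(site)
    n = len(HEADERS)
    return "".join(grid[(row + i) % n][(col + i) % n] for i in range(length))


def render(grid):
    """Format the grid with headers so it can be printed and kept offline."""
    lines = ["  " + " ".join(HEADERS)]
    lines += [h + " " + " ".join(row) for h, row in zip(HEADERS, grid)]
    return "\n".join(lines)


if __name__ == "__main__":
    grid = generate_grid()  # generate once, print, store the paper copy
    print(render(grid))
    # "example" is a constructed site name: column E, row X, 16 characters.
    print("example ->", read_password(grid, "example"))
```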
The easiest way to ensure traffic doesn't leave your computer is to set up outbound rules that keep malware or third-party software from phoning home.
Personal Recommendation: Little Snitch, Private Eye
Most autocomplete or autosearch features leak every query typed into them. A big example is Mac OS X Spotlight.
Personal Recommendation: Disable Spotlight
Your traffic should be your concern, and your concern only, especially while browsing on public Wi-Fi.
Additional note: Avoid public Wi-Fi when possible.
Personal Recommendation: NordVPN ($), FreeVPN.Ninja (Free)
Although Chrome is definitely a great browser, the guys at Mozilla make privacy one of their top concerns.
Learn how to set up: HTTPS Everywhere, Cookie and User Agent buster.
Personal Recommendation: See “Additional Links”
After the NSA files were exposed, it was revealed that major internet service providers located in the US are being used as data sources for mass surveillance.
Additionally, under the US Patriot Act, companies on US soil can be requested to hand over any customer information (e.g. Lavabit).
Personal Recommendation: See https://prism-break.org
https://pack.resetthenet.org/
https://securityinabox.org/
https://www.privacytools.io/
https://prism-break.org/en/
https://ssd.eff.org/
Phone notifications usually contain sensitive information. Anyone who catches sight of a notification might be able to get information from a client, investor, or third party.
Disable notifications on the lock screen to avoid this.
Being aware of the most up-to-date payment technologies allows you to give clients the best insights on investments, the latest developments in digital currencies and other financial developments.
Subscribe to multiple fintech newsletters to spot the latest news in the industry.
Anyone who has physical access to your computer, even for a few seconds, is able to retrieve confidential data, infect the network, plug malware into your computer or even set up surveillance software.
See
https://github.com/juuso/keychaindump
A mix of technologies is required for setting up full anonymity. From setting up untraceable bitcoin wallets to setting up Tails, the task can be pretty daunting... but possible.
See
https://prism-break.org