Lessons on Internet Freedom and Best Practices in Cyber Security
Strategies & Tools for Nonviolent Conflict
Washington, DC, Dec 6-7, 2010

Internet Freedom @ FH
- Freedom on the Net (FOTN)
  - 2009 (15), 2011 (37)
- Technology Support
  - Support, Training, Research
- Advocacy / Policy
  - Internet Governance (IGF)
  - Freedom of Expression
- Engaging NGO Networks
  - Strategic Partnerships

What is Net Freedom?
- What techniques are used to control and censor online content?
- What are the main threats to internet and digital media freedom?
- What are the positive trends and uses of these technologies?

How Do We Measure Net Freedom?
- Obstacles to Access
- Limits on Content
- Violations of User Rights
 
What We Found:
More Net Freedom than Press Freedom
- Every country except the UK scored better on FOTN than on Freedom of the Press.
- Differences are most noticeable in partially free countries.

Growing Civic Activism
Bloggers and other internet users are using digital media in creative ways to mobilize:
- Facebook activists in Colombia, Egypt, Iran
- Use of Twitter for political change in Moldova
- Text messages report election violence in Kenya
- "Sneakernets" in Cuba

But Also… Growing Threats
- Conditions deteriorated in many countries over the review period.
- 11 of the 15 countries censored some political content.
- Six of the 15 countries sentenced a blogger or online journalist to prison.
- Five introduced new internet-restricting legislation.

Legal Repercussions and Violence
- Legal repercussions:
  - Use of general media legislation against online activities, as well as development of internet-specific legislation
  - "Libel Tourism" a danger in the UK
- Extra-legal harassment and violence: detentions, intimidation, torture
- Technical violence: hacking, DDoS attacks, cyber espionage
- Surveillance and infringements on privacy in a wide range of environments

Restricting Access
- Seven of the 15 countries studied had blocked 'Web 2.0' applications such as:
  - Facebook
  - YouTube
  - Twitter
  - Flickr
- Iran restricts broadband and mobile SMS
- "Just in Time" blocking (elections, key events)
- Software Licenses: Copyright violations?
- Flag for removal: Social Media

Censorship
- Some censorship in every country studied, though not always of political/social content.
- Wide range of techniques for removing content:
  - Technical filtering
  - Manual removal because of government directives, judicial orders, intimidation
- China's apparatus is the most sophisticated, multi-layered, and includes censored SMS.
- Significant lack of transparency in censorship procedures, including in some democracies.

What Censorship Looks Like
We compared the results from three searches using Google, a top search engine in the U.S., with results from Baidu, the top search engine in China. The search terms were:
- Freedom House
- Falun Dafa
- Tiananmen Square

Freedom House
Falun Dafa
Tiananmen Square
Going the Distance for Access
Residents in the Xinjiang province of China faced crippling restrictions of email, SMS, and the Internet after the government clamped down on civil unrest in the area.
Business owners and residents of Xinjiang were forced to travel 24 hours by car and hundreds of miles by train and airplane to reach the nearest internet café.
Would you travel over 600 miles just to check your email?

Censorship: New Threats
- Just in Time Blocking
  - Key website and/or services blocked ahead of significant events (protest, election, strike)
  - Communications infrastructure turned off (Iran)
  - Servers seized
- Targeted Censorship: Block key sites at critical time
  - Distributed Denial of Service (DDoS) attack
- Flag for removal: Use "abuse reporting" mechanisms to suspend accounts
- Software Licenses
  - NGOs targeted for copyright violations
- Cripple Blackberry Security

Censorship: Just in time blocking
Censorship: Software Licenses
Censorship: Software Licenses - 2
Cripple Blackberry Security

Tech for Free Expression
- Training
  - Surveillance (Mobile, Internet, etc.)
    - Use easy-to-understand examples: post card, unlocked car, ...
  - Information Security: Secure communications, Circumvention tools
  - Human Factors: Don't underestimate what damage one person can do: Wikileaks (Private Manning & Dept of State)
- Materials Development
  - AV strategy: Videos, Cartoons, New Media, etc.

Materials Development
Discussion (I)
- Review of existing communication methods
  - What is used for communications?
  - Issues to discuss:
    - Corresponding with partners, field monitors, donors, etc.
    - What type of information is being transmitted?
    - What are the risks & vulnerabilities?
- High Risk Environments
  - Understanding the vulnerabilities
  - Need to explain in simple-to-use language
  - Sending messages via insecure networks
    - Post office example (post cards)
    - Internet
    - Mobile networks (location tracking, remote access of phone, etc.)

Discussion (II)
- Privacy should be maximized
  - Don't leak key information (credentials: usernames & passwords)
  - HTTPS Everywhere
  - Importance of persistent HTTPS & minimizing history/logs
- Facebook Privacy Settings
  - Real Names Policy: There are ways to protect yourself
- Secure Email
  - Which webmail service is most/least secure?
  - Gmail (Review of Settings - Best Practices)
    - Standard Gmail
    - Google Apps (two-factor authentication)
  - Hushmail
  - Vaultletsoft (Install / Account creation / Features / Best Practices)

Discussion (III)
- Blackberry
  - Devices are all the same
  - There are vulnerabilities
  - Security varies: Business & Consumer configuration
- Chat
  - Skype: Vulnerabilities
  - Alternatives: Open Standards Based (Jabber, Guardian Project)
- Website
  - Not just about servers: Domain name registration, bandwidth, etc.
  - Hosting: Pick a jurisdiction that provides protection (US, Amazon EC2, ...)
- Anti-censorship / Anonymity
  - Psiphon (Proxy), Hotspot Shield (VPN), TOR (Anonymity)

Discussion (III)
- Data Security
  - VPN – Secure Tunnel
    - What to do when you don't trust the network
  - Encryption (Truecrypt)
    - Plausible Deniability
- Secure Documentation: Martus
  - Remote backup
  - Securely collaborate
  - Encrypted Data
- Deleting Data
  - What happens when one deletes data?
  - Do you need to delete, or prevent self-incrimination?
  - Wiping Tools
    - Darik's Boot and Nuke ("DBAN")

Resources
- Super Peif (awareness raising): http://superpeif.com
- Secure NGO in a Box: http://security.ngoinabox.org
- Guardian Project: https://guardianproject.info/
- Hotspot Shield: http://hotspotshield.com/
- Martus: http://martus.org
- Truecrypt: http://www.truecrypt.org/
- Darik's Boot and Nuke (DBAN): http://www.dban.org/
- Vaultletsoft: http://www.vaultletsoft.com

Freedom House is an independent watchdog organization that supports the expansion of freedom around the world. Freedom House supports democratic change, monitors freedom, and advocates for democracy and human rights.
Support the right of every individual to be free. Donate now.
For more information contact:
Robert Guerra – [email_address]
Project Director, Internet Freedom
Freedom House
http://www.freedomhouse.org
twitter.com/netfreedom
