Week 2 is cryptography! This is a topic I really like because the more detailed it gets, the more fascinating it is. The article will be shorter than the first one though- the workload for the semester is picking up.
We were given a brief overview of some fields of cryptography to start with, including:
- The Onion Router (TOR)- This software makes tracing users very difficult due to the number of re-routes it performs. I have never heard of this before attending the session and it is quite interesting- what the name implies is that any one searching for the user on the internet must go through a long-winded process to find them, similar to having to peel all the layers of onion skin (and crying) before reaching the core. This could be a double-edged sword- those who need the protection of a safe router may find this useful, but those participating in crime will also use this for anonymity. Those who use routers such as TOR are more likely to be involved with Drugs, for example.
- http vs https- You may have noticed that many sites now have https:// in front of the web address. The tabs that i have open right now- Gmail, Facebook and WordPress- all have https in front of their web addresses, and this is a good thing because the s stands for ‘secure’ (and http = hypertext transfer protocol). It involves an extremely detailed protocol, which uses an encryption that allows only the client and server to know what is going on. With http, when you send your credit card details to the company you are purchasing from, there could be a ‘man-in-a-middle’ intercepting your information. With https, this is much more difficult.
- Bitcoin- this currency is widely mentioned in the media because of its volatile nature: From bitcoincharts.org; Drastic price changes occurred in December 2013/January 2014
- Bitcoin can be ‘mined’- although high-ended processors are needed for this.
- Bitcoin is the first officially decentralised digital currency, and it doesn’t really have a physical form. The ownership of the bitcoin is included in its digital form.
- Although users of bitcoin are heavily promoting its usefulness (in anonymity and security, for example), I think its flaw is that it is unlikely to be stable enough for the general public to adopt this currency.
- Edward Snowden- we share the same first name! This person has given up much of his freedom to inform us of what some security/spying agencies are capable of, including:
- Tapping into fibre-optic cables
- Asking major companies to give up metadata on its userbase
- Backdoors- in some cases deliberate
It seems like the amount of privacy everyone wants is different, but if we had the choice, we would prefer at least some sense of security. This is a quote that our group mentioned during the group discussion/debate:
People who have nothing to hide, hide nothing.
On the surface, this statement seems correct. If we are doing everything lawfully, then why should we worry about these spying agencies?
In tropical countries, most wear clothes, even though the extra warmth provided by them isn’t needed. Then, is it okay to ask them to not wear clothes at all? No, because the majority of them will have insecurities about their bodies. This is similar to our internet profile.
Spotify, the music streaming service, shows your friends what song you are listening to at any given time. Now imagine that your internet use is broadcasted as so: “Friend A has visited Friend C’s profile. Total- 13 times this week”; “Friend C has blocked D from her profile, with the label- ‘sexual harrassment'”; “Coworker T is listening to ‘Baby one more time’ by Britney Spears, for the 957th time..” I’m not sure any of these people will be happy to have their information broadcast like this. Would you?
Hopefully you can see by now that although the power of vulnerability, with a decreased sense of privacy, could be an important aspect to have, it has to be done in moderation.
My proposed solution would be for users to choose their own level of privacy as they see fit. For example, John may want his locations tracked for recording how far he’s been jogging, but Johanna may choose not to in fear of her ex-husband finding her. This is of course only a hypothetical solution and will be difficult to implement, but some companies are already using a form of this.
Hope you enjoyed this post, and please tell me what you thought of my solution/other parts of this post!
This session was presented by Steven Galbraith and Peter Gutmann. (Thanks, Peter, for the thought-provoking discussion afterwards!)